In the U.S., healthcare providers, health plans, health information technology (‘HIT’) companies and other organizations handling health information face daunting challenges to maintain the privacy and security of information in the face of expanding cyber security threats while striving to meet meaningful use, interoperability, big data and related expectations. Meanwhile, a multitude of potential enforcers are waiting in the wings, seemingly ready to pounce on any data breach or perceived failure to comply with the Health Insurance Portability and Accountability Act of 1996 (‘HIPAA’) or other privacy or security standards. This article addresses some of the cyber security challenges confronting organizations that collect, store, use or disclose the health information of Americans and some important action steps.
Click here to read the full article (originally published in the May 2015 issue of eHealth Law & Policy Journal). Subscription may be required.