Steps to Closing Security and Privacy Gaps in Healthcare Data


1.   Safeguard data from unauthorized individuals.

2.   Monitor controls on key systems and check for inadequate logging.

3.   Protect access control with complex passwords, for example ones that combine numbers, symbols, and upper- and lowercase letters.

4.   Create strong vendor management functions.  The Privacy Rule requires the “minimum necessary” standard be applied to any data shared with vendors.  Vendor management has a life cycle of its own and should be viewed and managed to appropriately protect PHI (protected health information).

5.   Develop business continuity management and incident response plans. Have a disaster recovery plan in place to continue patient care in the event that IT systems are unavailable.  This approach alone leaves a gap in the prioritization and recovery of systems in the event of an incident.  An information security-specific disaster recovery plan should be part of this plan, and a computer security incident response plan should also be developed in case of a breach.  Quick remediation is necessary.


About Julie

My credentials include a Master's Certificate in Health Informatics, a CHPSE certification (Certified HIPAA Privacy and Security Expert), and certification in HL7 (Health Level 7). The multidisciplinary approach to equipping myself to enter the healthcare IT sector is consistent with my professional background in sales, management, healthcare, and recruiting. I also have a BA in Organizational Psychology from the University of Michigan, which has been invaluable in my professional life for excelling in sales, change management, and laying down an excellent foundation from which I was able to build effective communication skills with professionals of all levels.

Posted on March 14, 2011, in HIPAA.
