New Healthcare Apps possess security threat?

November 4th, 2014

With the growth in technology, healthcare organizations are implementing policies to secure data. But there are few application loopholes which may lead to severe data breach.

Founder and Chief Medical officer Dr. Joshua La told that the application has more than 150,000 users in six countries including the US, Canada, UK and Australia.

“In Australia, a customized consent form can be signed by patient or representative before images can be taken,” Landy said. “After that images are reviewed by privacy moderators to make sure they have educational value. [They are] being taken respectfully, there’s no sensationalistic images.”

Bryan Vartabedian, a pediatric gastroenterologist at Texas Children’s Hospital wrote in his blog post that the overall concept makes sense as images in medicine are a good way to teach. He is also wary of Figure 1 and what it could mean to patient privacy.

“There’s a difference between de-identification of images on a level that’s compliant with health privacy law and de-identification that respects a patient’s wishes,” Vartabedian wrote. “I operate within the understanding that if a patient can individually identify their own leg, finger, laceration within an image, they should understand very clearly that the image is headed for the very public domain.”

Healthcare professionals must follow rules to keep patients’ protected health information (PHI) secure, even if they are working to improve a patient’s health.

“In the old days medical images never left the medical library or the glossy paper on which they were printed,” he said. “But times have changed, technology is advancing faster than the discussion surrounding its use, and we have to think carefully about how we repurpose and share the images of those under our care.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Healthcare compliance improving according to DataMotion security survey

January 28th, 2014

DataMotion’s conducted second annual survey on corporate email and file transfer habits. It helped to give insights about the perception of responding IT and business decision-makers about their organizations. It considered both advancement and ongoing issues for health care providers in securing patient as per the procedures.

More than 400 IT and business decision makers across the US and Canada participated in the survey.  Survey conducted was cross-industry but special significance was given to healthcare. According to the response from the health care companies, there is a strong effort toward improving security and compliance practices but there is still work to be done. Companies are now beginning to understand the importance to protect private and sensitive data.

“There [have] been improvements in security and compliance since last year, and healthcare in many ways is leading the way compared to other industries, but there are still serious problems to address,” DataMotion’s Chief Technology Officer, Bob Janacek said, “52 percent of healthcare respondents said their company either doesn’t have, or they are unsure if they have, a BYOD policy. There have been many incidents of mobile devices being lost or stolen that contain protected health information, potentially resulting in a HIPAA breach, and this puts organizations at great risk. Furthermore, healthcare regulations have expanded; meaning companies not previously covered, might be now.”

Study showed above average progress in privacy through emails and file transfers because of the emphasis HIPAA and the final Omnibus ruling place on policies. Some of the aspects of the reports are –

-90.4 percent of companies responded positive for security and compliance policies for transferring files electronically

– 84.8 percent mentioned their employees/co-workers capability to encrypt email

– 86.4 percent stated their policy to achieve compliance

– 32.6 percent healthcare respondents replied about co-workers inability to fully understand security and compliance policies for transferring files electronically.

– 3 out of 4 healthcare respondents replied about employees/co-workers “routinely” or “occasionally” violating security and compliance policies

– While 87.7 percent of healthcare companies permit the use of mobile devices for email, 40.3 percent d stated there is no BYOD policy.

– 11.7 percent are unsure about the policy existence.

– More that 25% promoted free consumer-type file transfer services. 30.5 percent said their company does not forbid the use of these services.

Janacek said “These survey findings give us a textured understanding that hopefully will help businesses overcome and anticipate related issues, especially in an age where security and compliance can so dramatically impact the bottom line,”

More efforts have to be made to get the compliance to protect private data. Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Enhanced by Zemanta