August 24, 2004

The patchwork of medical privacy laws

Health Care By: ams

The introduction to the paper below has a lengthy and illuminating rant about the pre-HIPAA patchwork of laws and regulations around medical records privacy. I’d definitely want to read the original NRC report

HIMSS (Healthcare Information and Management Systems Society): JHIM: Journal of Healthcare Information Management

Security Measures Required for HIPAA Privacy


Margret Amatayakul, RHIA, FHIMSS

The state of security in healthcare is no less diverse. In 1997, the National Research Council released a landmark work: For the Record: Protecting Electronic Health Information. This report of a field study revealed that healthcare organizations did very little to counter security threats. Although it could not document the actual volume of threats, it did identify mistakes, improper use of access privileges, unauthorized use for spite or profit, unauthorized physical intrusion, and technical break-in as not uncommon occurrences. Likewise, organizational and even simple technical mechanisms such as authentication, auditing, access controls, and cryptography were rarely in place. Most healthcare organizations relied on corporate culture and closed networks to protect the private information of their patients and providers.

  • blog

  • companies & initiatives

  • October 2019
    M T W T F S S
    « May    
     123456
    78910111213
    14151617181920
    21222324252627
    28293031  
  • archive

  • categories