AHA testifies on challenges to health IT adoption

While hospitals are making “great strides” in embracing health information technology, major obstacles to universal adoption include cost and lack of interoperability with current IT systems, an American Hospital Association witness told the House Committee on Science and Technology on Sept. 26 at a hearing on the issue. Commenting on legislation (H.R. 2406) that would direct the National Institute of Standards and Technology to advance health IT integration nationally, Noel Williams, president of HCA Information Technology & Services Inc., said NIST “may be able to develop implementation tactics for health care providers” as it has done for manufacturing but “is likely not the organization to provide the transformational leadership required in health care.”

Williams cautioned the committee against positioning NIST as “just another government entity with overlapping responsibility. It is instead our hope that NIST will function as a common resource to the different players and help advance the goals we have articulated.”

[ via AHA News Now ]

Global survey reveals state of healthcare information security

The "Global State of Information Security" 2007 survey, the fifth annual comprehensive security survey by CIO and PricewaterhouseCoopers presents a global understanding of the state of security in our world. The survey takes a look at the security practices across industries, with more than 7,000 respondents from across six continents, but also examines industry-specific results.

While the survey found healthcare providers to be more likely than other industries to hire a chief privacy officer, or require written certification of privacy policy compliance from employees, there is also evidence of significant problems. For instance, more than 25% of providers indicated they are not in compliance with HIPAA, and 65% do not conduct a risk assessment annually or semi-annually. And healthcare providers are less likely to protect stored data (data at rest) and laptops than other industries, according to the survey.

To view the "Global State of Information Security" survey, click here.

To view the healthcare provider-specific portion of the survey, click here.

[ via HIPAA Weekly Advisor ]

Information in EHR systems still vulnerable: study

Information in electronic health-record systems remains vulnerable, according to a 15-month study assessing EHR security.

The eHealth Vulnerability Reporting Program found commercial EHR systems can be exploited given existing industry development and disclosure practices, and said more steps must be taken to protect data stored in them.

EHR systems assessed during the study could be accessed and personal information gained through standard tools and techniques. The study did not find any specific industry organization that has the responsibility to address security vulnerabilities, or that has established guidelines to manage risks associated with EHR systems. In addition, vendors are inadequately disclosing system vulnerabilities to customers.

“The industry is investing in, and relying heavily on, the promise that these systems offer through improvements in quality and efficiency of care. As such, we must take every measure possible to protect these systems, avoid any disruption in their use and to ensure consumer confidence is maintained,” Robert Mandel, vice president, healthcare services, Blue Cross and Blue Shield of Massachusetts and eHVRP board member, said in a news release.

The Dallas-based reporting program is a collaborative of healthcare industry organizations, technology companies and security professionals to establish guidelines that ensure EHR systems are used with high levels of privacy and security. The study surveyed 850 provider organizations and tested seven EHR systems.

[ via Jean DerGurahian, Modern Healthcare's Daily Dose ]

AHA addresses IOM panel on health IT standards

American Hospital Association President and CEO Rich Umbdenstock on Sept. 17 told an Institute of Medicine committee reviewing the administration’s efforts to adopt and implement health information technology standards that “a different model is needed, one that incorporates collaboration and a public-private partnership.” The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology has asked the IOM Committee on the Review of the Adoption and Implementation of Health IT Standards to study and report on its standards activities by early October.

Specifically, the committee will determine whether the process is advancing as rapidly and cohesively as possible, and aligned to move forward in a coordinated fashion on common priorities to meet the challenges of the national Health IT agenda. The committee launched a two-day meeting yesterday to discuss the issue and plans to report its findings and recommendations next month.

[ via AHA News Now ]

ADA's goal incorporates dental records in EHRs

The American Dental Association (ADA) has named two workgroups to further its efforts to create usable EHR for dentistry, according to an August 23 American Dental Association News article.

The EHR Workgroup will monitor the Systematized Nomenclature of Dentistry (SNODENT) editorial panel, which will oversee the development and review of dental diagnostic codes.

To read the American Dental Association News article, click here.

[ via EHR Connection ]