For the last two years I've been writing articles for Multibriefs and the healthcare associations that distribute their content. It is part of the reason my blog isn't getting the attention it has in past years, but having my thoughts exposed to broader audiences is the tradeoff.
My latest article, Securing Health Information on Mobile Devices, contains important and timely information given the surge in data breaches and HIPAA violations. Below is an excerpt that describes the newly released Cybersecurity Practice Guide, but I hope you will read the entire article, too!
It guides information technology staff and leadership, using open source and commercially available tools and technologies that are consistent with cybersecurity standards, so those providing care can more securely share patient information.
The guide was built around an environment that simulates integration among mobile devices and an EHR system supported by the IT infrastructure of a medical organization. It walks users through the process of implementing relevant standards and best practices to help doctors, nurses and other caregivers use mobile devices in conjunction with an EHR.
The centerpiece is a hypothetical primary care physician who uses her mobile device to perform reoccurring activities such as sending a referral (e.g., clinical information) to another physician, or sending an electronic prescription to a pharmacy. It highlights the characteristics and capabilities that an organization's security experts can use to identify similar standards-based products that can be integrated quickly and cost-effectively with a healthcare provider's existing tools and infrastructure