Skip to main content
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Digital Health
    • Transformation
    • ESG
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Blogs
    • AI
    • Deals
    • Layoff Tracker
    • HIMSS 2023
  • Opinion
    • Breaking Bias
    • Commentaries
    • Letters
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • 40 Under 40
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • ESG: The Implementation Imperative Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Hospital at Home
    • - Workplace of the Future
    • - AI and Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Sponsored Video Series - One on One
    • Sponsored Video Series - Checking In with Dan Peres
  • Data & Insights
    • Data & Insights Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • Newsletters
  • MORE+
    • Contact Us
    • Advertise
    • Media Kit
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Providers
November 05, 2009 11:00 PM

Expect tougher privacy enforcement: IT experts

Joseph Conn
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    Part one of a two-part series (Access part two):

    You can blame the spotty record of the healthcare industry in protecting the privacy and security of medical records on lax enforcement of federal law, and you'd be right, according to healthcare information technology experts.

    Or, you can blame the same poor record on the culture of the healthcare industry itself, and you'd be right, again, at least in the opinion of one those experts.

    But the stubborn facts are the record has been spotty and it remains to be seen whether the Obama administration can effect change in either federal enforcement policies or healthcare industry cultural norms toward privacy and security, according to physician IT maven Kenneth Kizer. He is the former head of the National Quality Forum, board chairman of electronic health-record system vendor Medsphere Systems Corp. and, from 1994 to 1999, he served as the top doctor at the Veterans Affairs Department, where he oversaw advancements in the VA's VistA clinical IT system.

    It would be a safe bet for healthcare executives, according to Kizer, to assume there will be both tougher enforcement of medical records privacy and security rules and a struggle within healthcare organizations to change their cultures to meet these new enforcement demands.

    “You have to take what I call a much more holistic look at it,” Kizer said. “A lot of the ills that people point to in healthcare and what's behind them, are some of the same problems we see in privacy protection. If you don't, all the rules and penalties aren't going to get you where you want to go.

    “In a way, I see this as the same as patient safety and quality improvement,” Kizer said. “This just has to become an integral part of the fabric and culture of how healthcare is delivered. It should not be just an add-on or a compliance thing.”

    Kizer addressed both law and culture in a 13-page white paper he co-authored, Stemming the Rising Tide of Health Privacy Breaches: The Need for a More Holistic Approach released in June by consultants Booz Allen Hamilton. Glen Day, a Booz Allen principal who heads its cybersecurity and privacy services for healthcare, was Kizer's co-author.

    Some of Kizer's and Day's conclusions—that health information privacy and security risks are widespread, systemic and increasing—dovetail with the findings of another report on privacy and security released in October by the Ponemon Institute, Traverse City, Mich., that “conducts independent research on privacy, data protection and information security policy,” according to its Web site.

    The 18-page Ponemon report, Electronic Health Information at Risk: A study of IT Practitioners, was based on a survey of 542 healthcare professionals who handle medical information. Respondents were leaders and technicians at hospitals and office-based practices, insurance companies, pharmaceutical and medical device manufacturers, claims handlers, pharmacies and pharmacy benefit managers.

    A certain amount of caveat emptor should accrue to both reports. The Ponemon survey was sponsored by LogLogic, a San Jose, Calif.,-based IT login and security management software firm, while Booz Allen provides IT consulting services to the healthcare industry. Increased spending on privacy and security could benefit Ponemon's sponsor and Booz Allen directly.

    Still, both reports point to hard evidence of a growing problem.

    Kizer's and Day's report contains a table of 11 “Notable Healthcare Breaches” that occurred between April 2006 and February 2009 and in which an estimated total of more than 3 million patient records were exposed through internal fraud; stolen laptops, tapes and other storage media; and Web-based security failures.

    The list of healthcare organizations where the breaches occurred reads like a “Who's Who” of the healthcare industry, including providers Kaiser Permanente (twice), New York-Presbyterian Hospital and Johns Hopkins Hospital, and payers Aetna, Humana, WellPoint and UnitedHealthcare.

    “If you look at just in the last six months,” said Kizer, referring to several of the 11 California hospitals fined for privacy and security breaches, “these are all premium, top-of-the-line organizations, which again, to me, says that the problem is deeper and more systemic than just some outliers that don't get it. It really goes to the fabric of what's being done. It's just this big disconnect.”

    Ponemon researchers found that IT professionals are aware of the current and looming privacy and security threats, but feel somewhat less than sanguine about their prospects for adequately dealing with them.

    According to the Ponemon survey:

    Less than half of responding healthcare IT professionals (47%) indicated they either “strongly agree” or “agree” with the statement: “My organization takes appropriate steps to comply with the requirements of HIPAA and other related healthcare regulations,” referring to the Health Insurance Portability and Accountability Act.

    Just 46% of those surveyed responded similarly to: “My organization has adequate policies and procedures to protect health information.”

    And 30% responded that way to: “My organization's senior management views privacy and data security as a top priority.”

    Further, the report concludes, “The majority of IT practitioners in our study believe their organizations do not have adequate resources to protect patient's sensitive or confidential information.”

    Coming in part II: A breaking storm

    What do you think? Write us with your comments at [email protected]. Please include your name, title and hometown.

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    diversity
    Health equity execs leveraging academic roles to drive long-term change
    Patrick Blair InnovAge
    PACE could expand amid possible nursing home closures: InnovAge CEO
    Most Popular
    1
    Centene to lay off 2,000 workers
    2
    How health systems are battling price-gouging allegations
    3
    Senate advances bill to temporarily aid hospitals, health centers
    4
    Elevance, Blue Cross Louisiana halt $2.5B proposed deal
    5
    Tower Health to sell urgent care centers, close others
    Sponsored Content
    Modern Healthcare A.M. Newsletter: Sign up to receive a comprehensive weekday morning newsletter designed for busy healthcare executives who need the latest and most important healthcare news and analysis.
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Help Center
    • Advertise with Us
    • Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Digital Health
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • ESG
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Blogs
      • AI
      • Deals
      • Layoff Tracker
      • HIMSS 2023
    • Opinion
      • Breaking Bias
      • Commentaries
      • Letters
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • 40 Under 40
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • ESG: The Implementation Imperative Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Hospital at Home
        • - Workplace of the Future
        • - AI and Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Sponsored Video Series - One on One
      • Sponsored Video Series - Checking In with Dan Peres
    • Data & Insights
      • Data & Insights Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • Newsletters
    • MORE+
      • Contact Us
      • Advertise
      • Media Kit
      • Jobs
      • People on the Move
      • Reprints & Licensing