Liveblogging from HIMSS 13: Managing Privacy and Security Challenges of Patient EHR Portals

Online Tech is exhibiting our HIPAA hosting solutions for the healthcare industry at HIMSS 13 in New Orleans this year! Tune into our Twitter and follow our blog for updates on the latest HIMSS 13 news.

If you’re at HIMSS 13, visit booth #1369 to say hi or schedule a free one-on-one consultationwith a panel of health IT experts.

Managing Privacy and Security Challenges of Patient EHR Portals

: HIMSS 13 Security Challenges of Patient EHR Portals

Adam Greene, JD, MPH Davis Wright Termaine and Jackie Monson, JD, CHC Mayo Clinic discussed some of the real life privacy and security challenging facing patient EFR portals at HIMSS 13.

One aspect that challenges patient portals is handling permissions of patient representatives for minors or those who have a medical decision maker appointed.

Mayo clinic found that they had more patient requests for amendments to their patient records. It’s easy to request an amendment, but this has proven overwhelming to the security and privacy office so far. They have seen a 100% increase in patient requests for medical record amendments. This ranges from simple changes such as “Right” to “Left” for correcting an amputation record to asking for their entire medical record to be rewritten.

Many patients are reading notes from physicians for the first time, and correcting inaccuracies or objecting to aspects they disagree with.

Make sure to include the patient portal within the scope of the risk assessment to evaluate risks including:

interception during transmission,
unauthorized access,
internet-facing interface,
EHR portal software problems (has it been independently tested)

READ

How An Answering Service Helps Avoid Costly Medical Malpractice Claims

Authentication issues
Does there need to be in-person authentication? Will you require seeing a driver’s license for example? What do you do for patients who cannot easily come in person, but want remove access to their information.

How about strong passwords? Will they impact patient usability?

How are the servers protected? Are their physical safeguards protecting against theft? Is encryption being used? What happens of the patient contributes to a security failure with a weak password, sharing credentials, or loses their mobile device. What can you do to limit risk of any single point of faliure?

Jacki Monson, JD, CHC has been struggling with security issues at Mayo clinic. Now they have an outside vendor performing monthly testing and make sure that their audit logs are turned on so they can get to the bottom of troubleshooting issues. For example, their patient portal was changing a number

Mayo allows their patients to choose if they want in-person validation or not. Some patients want to make sure that their spouses can’t authenticate even if they know answers to personal information such as what was the first car they drove or where they lived 15 years ago.

Make sure that audit logging is in place to a level of detail that will be helpful to find out what went wrong when it goes wrong.

PHR vs. EHR

PHR = Personal Health Record is a patient controlled record
EHR portal is a window into a patient’s own electronic health record – it is not their patient-controlled PHR.

PHR and EHR can work together so that patient gets to see their information through the EHR portal, the EHR portal feeds into the PHR, and/or facilitating patients adding information through the PHR and deciding if they want it shared with the EHR.

READ

Why It's Key To Take Care Of Medical Debt To Avoid Health Issues Later

Is PHR considered PHI (protected health information) belonging to the covered entity? Is it on the covered entity’s servers or their business associates? Just because the patient controls their PHI in the PHR, if the patient information is on the CE or BA servers, then it must be protected.

Will the portal include sensitive information subject to state law restrictions such as HIV/STD tests, dental health information, genetic test results, alcohol or substance abuse treatment information?

Mayo spans many states, and follows the most restrictive state law that applies to information in the portal. Currently, clinical information that triggers a strict state law are not being released on the portal, for example, information for an emancipated minor.

Mayo has had to meet mobility security challenges with their new mobile health applications for iPhones and iPads which helps Mayo Clinic meet MU requirements. These include authentication, encryption, password, privacy challenges such as appointment reminder popups and portal messages to patients.

What does the future hold? Stage 2 Meaningful Use pushes strongly for the use of patient portals. It also strongly promotes inclusion of patient amendments. When an HIE maintains the EHR record, will an HIE provide a patient portal view for patients?

The post Liveblogging from HIMSS 13: Managing Privacy and Security Challenges of Patient EHR Portals appeared first on Managed Data Center News.

Top 5 Points You Need To Know About Medical Marketing

4 Tips For Home Health Care Agencies To Survive The Worker Shortage

How To Get Capital For New Equipment For Your Healthcare Business

7 Things You Should Not Do When Creating Your Health Website

How To Get Capital For New Equipment For Your Healthcare Business

Financial Benefits For People Suffering From Dementia

Cautious Health Care Lending Can Prove Lucrative For The Lenders

What Would Medicare For All Mean For Healthcare Entrepreneurs?

4 Tips For Home Health Care Agencies To Survive The Worker Shortage

Top Tips For A More Eco-Friendly Healthcare Facility

Why Mobile Apps Are Indispensable For Telemedicine

Why It’s Key To Take Care Of Medical Debt To Avoid Health Issues Later

Online Healthcare: A Helping Hand In Today’s Society

4 Proven Lead Generation Strategies For Your Medical Practice

Anxious? Try These Healthcare Gadgets That Relieve Anxiety

7 Things You Should Not Do When Creating Your Health Website

7 Reasons You Need Digital Marketing For Your Medical Practice

Why It’s Key To Take Care Of Medical Debt To Avoid Health Issues Later

Tips To Follow To Help Avoid Surprise Medical Bills

The Global Eye Tracking System Market Is Expected To Skyrocket In The US

The Future Of Real Time Location Systems In Healthcare

The Global Eye Tracking System Market Is Expected To Skyrocket In The US

Why HIPAA Matters To mHealth Apps More Than Ever

Critical Features To Include In Your Health And Nutrition App

Why You Need To Know The Risks Of Self-Diagnosis

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

7 Tips To Make Sure Your Medical Practice Is Found Online

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

10 Important Technology Tips For Healthcare Workers

3 Quick Ways To Market Your Medical Practice

The Future Of Real Time Location Systems In Healthcare

Top Tips For A More Eco-Friendly Healthcare Facility

Here’s Why Plastic Surgery Shouldn’t Be Taboo Anymore

How Tech And Medical Equipment Is Changing The Patient Approach

The Value And Criticism Of Robot-Assisted Heart Surgery

Critical Features To Include In Your Health And Nutrition App

Here’s Why Plastic Surgery Shouldn’t Be Taboo Anymore

5 Technologies That Are Revolutionizing Healthcare

The Value And Criticism Of Robot-Assisted Heart Surgery

Spinal Operation Preparation And Recovery Tips To Know

The Status Of Child Health And Wellness In America Today

What Are Home DNA Tests And How Do They Change Our Life?

Why The Psoriatic Arthritis Treatment Market Is Set To Grow

What To Expect At A Cannabis Vape Lounge

How Self-Determination Theory Can Improve Medical Students’ Motivation

What Are Some Of The Effective Ways To Get Rid Of Eye Floaters?

5 Ways A Facelift Can Make You Look Young And Feel Vibrant Again

How To Motivate Yourself To Go To The Gym After Work

Your Complete Guide To Magnesium: The Most Important Of All Minerals

The Value And Criticism Of Robot-Assisted Heart Surgery

Here’s What To Know About Sleep And Heart Health

Is It Time to See a Cardiologist?

Can Artificial Intelligence Diagnose Illnesses Better Than Other Methods?

Can Teeth Whitening Kits Really Improve Your Smile?

Should I Get Dental Implants? Here’s How To Decide

Why Cosmetic Dentistry Is Important – And Isn’t Just About Appearances

Dental Care During Pregnancy: What Are The Facts?

Take These 4 Important Steps For Healthy And Happy Aging

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

5 Ways Meditation Can Help You With Weight Loss

Fueling Your Exercise Goals

How To Boost Your Metabolism For Effective Weight Loss

Diet And Fitness Advice: What Should You Eat To Be Healthy?

Your Guide to Foot Gains: The 7 Best Foot Exercises for Stronger and More Flexible Feet

Causes Of Lower Leg Pain And Sore Calves To Know About

How To Take Care Of Your Bone Health In Your Forties

Body Pain: Causes, Prevention, And Treatment Tips To Know

Radiology as an Enterprise Model for Collaboration

Relationship Between Clinical Decision Support Systems (CDSS) & Radiology Must Evolve

Diagnostic Reading #33: Five Must-Read Articles from the Past Week

2015 CPT Coding Changes and Your Radiology Practice

5 Ways A Facelift Can Make You Look Young And Feel Vibrant Again

How To Motivate Yourself To Go To The Gym After Work

CBD And Wellness: What You Need To Know