Liveblogging from HIMSS 13: Managing Privacy and Security Challenges of Patient EHR Portals

Online Tech is exhibiting our HIPAA hosting solutions for the healthcare industry at HIMSS 13 in New Orleans this year! Tune into our Twitter and follow our blog for updates on the latest HIMSS 13 news.

If you’re at HIMSS 13, visit booth #1369 to say hi or schedule a free one-on-one consultationwith a panel of health IT experts.

Managing Privacy and Security Challenges of Patient EHR Portals

: HIMSS 13 Security Challenges of Patient EHR Portals

Adam Greene, JD, MPH Davis Wright Termaine and Jackie Monson, JD, CHC Mayo Clinic discussed some of the real life privacy and security challenging facing patient EFR portals at HIMSS 13.

One aspect that challenges patient portals is handling permissions of patient representatives for minors or those who have a medical decision maker appointed.

Mayo clinic found that they had more patient requests for amendments to their patient records. It’s easy to request an amendment, but this has proven overwhelming to the security and privacy office so far. They have seen a 100% increase in patient requests for medical record amendments. This ranges from simple changes such as “Right” to “Left” for correcting an amputation record to asking for their entire medical record to be rewritten.

Many patients are reading notes from physicians for the first time, and correcting inaccuracies or objecting to aspects they disagree with.

Make sure to include the patient portal within the scope of the risk assessment to evaluate risks including:

interception during transmission,
unauthorized access,
internet-facing interface,
EHR portal software problems (has it been independently tested)

READ

Dealing With A Health Crisis? Avoid Medical Identity Theft With These Tips

Authentication issues
Does there need to be in-person authentication? Will you require seeing a driver’s license for example? What do you do for patients who cannot easily come in person, but want remove access to their information.

How about strong passwords? Will they impact patient usability?

How are the servers protected? Are their physical safeguards protecting against theft? Is encryption being used? What happens of the patient contributes to a security failure with a weak password, sharing credentials, or loses their mobile device. What can you do to limit risk of any single point of faliure?

Jacki Monson, JD, CHC has been struggling with security issues at Mayo clinic. Now they have an outside vendor performing monthly testing and make sure that their audit logs are turned on so they can get to the bottom of troubleshooting issues. For example, their patient portal was changing a number

Mayo allows their patients to choose if they want in-person validation or not. Some patients want to make sure that their spouses can’t authenticate even if they know answers to personal information such as what was the first car they drove or where they lived 15 years ago.

Make sure that audit logging is in place to a level of detail that will be helpful to find out what went wrong when it goes wrong.

PHR vs. EHR

PHR = Personal Health Record is a patient controlled record
EHR portal is a window into a patient’s own electronic health record – it is not their patient-controlled PHR.

PHR and EHR can work together so that patient gets to see their information through the EHR portal, the EHR portal feeds into the PHR, and/or facilitating patients adding information through the PHR and deciding if they want it shared with the EHR.

READ

7 Important Benefits Of Electronic Health Records (EHRs)

Is PHR considered PHI (protected health information) belonging to the covered entity? Is it on the covered entity’s servers or their business associates? Just because the patient controls their PHI in the PHR, if the patient information is on the CE or BA servers, then it must be protected.

Will the portal include sensitive information subject to state law restrictions such as HIV/STD tests, dental health information, genetic test results, alcohol or substance abuse treatment information?

Mayo spans many states, and follows the most restrictive state law that applies to information in the portal. Currently, clinical information that triggers a strict state law are not being released on the portal, for example, information for an emancipated minor.

Mayo has had to meet mobility security challenges with their new mobile health applications for iPhones and iPads which helps Mayo Clinic meet MU requirements. These include authentication, encryption, password, privacy challenges such as appointment reminder popups and portal messages to patients.

What does the future hold? Stage 2 Meaningful Use pushes strongly for the use of patient portals. It also strongly promotes inclusion of patient amendments. When an HIE maintains the EHR record, will an HIE provide a patient portal view for patients?

The post Liveblogging from HIMSS 13: Managing Privacy and Security Challenges of Patient EHR Portals appeared first on Managed Data Center News.

Understanding The Impact Of Google’s Medic Update On Health Sites

How Health Facilities Can Prepare For Natural Disasters

10 Major IT Challenges Healthcare Organizations Are Facing Today

Navigating The Changing Landscape Of The Medical Marijuana Industry

Why Meal Planning Is Good for Your Budget & Your Health

How Do I Become A Clinical Documentation Specialist?

How To Get Capital For New Equipment For Your Healthcare Business

Financial Benefits For People Suffering From Dementia

How Health Facilities Can Prepare For Natural Disasters

10 Major IT Challenges Healthcare Organizations Are Facing Today

4 Tips For Home Health Care Agencies To Survive The Worker Shortage

Top Tips For A More Eco-Friendly Healthcare Facility

Telemedicine Is An Efficient Tool To Transform The Healthcare Industry

How Startups Are Bringing Healthcare To Rural Areas

7 Important Benefits Of Electronic Health Records (EHRs)

Cataract Procedures: Which One Is Best For You?

7 Important Benefits Of Electronic Health Records (EHRs)

Three Practical Uses For Wearables In EHR

Patient Misidentification: Just How Damaging Is It?

Dealing With A Health Crisis? Avoid Medical Identity Theft With These Tips

Top 5 Ways Mobile Apps Are Impacting Health And Fitness Industries

How To Use SMS To Increase Customer Satisfaction In Healthcare

Top 5 Advantages Of A Heart Rate Monitor – For Workouts And Daily Life

Google Fitness Platform And The Future Of Fitness Apps

Why You Need To Know The Risks Of Self-Diagnosis

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

7 Tips To Make Sure Your Medical Practice Is Found Online

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

Making Sense Of The Surge Of Voice Recognition Software In Healthcare

What Goes Into The Cost Of A CT Scanner?

7 Key Factors to Consider When Choosing a Family Dentist

Here Is Everything You Need To Know To Purchase A New MRI Machine

What Goes Into The Cost Of A CT Scanner?

Here Is Everything You Need To Know To Purchase A New MRI Machine

How Anesthesia Can Be Delivered With Anesthesia Machines

The Roles And Responsibilities Of An Audiologist

Making Sense Of The Surge Of Voice Recognition Software In Healthcare

Important Things To Know About Advances In Healthcare Robotics

Here’s How Technological Innovation Is Transforming Healthcare

Origin of Popular Surgeries

What to Expect as a First Time User of CBD Gummies

Four Signs That Show You Need Rehabilitation

How To Choose The Right Dentist: Try These 6 Simple Steps

Dealing With A Health Crisis? Avoid Medical Identity Theft With These Tips

The Muddled Relationship Between Your Health Initiatives and Credit Score

Crooked Teeth vs. Perfect Teeth: Clip-On Veneers

How Does Fat Leave Your System When You Lose Weight?

Pros And Cons Of Flossing: Why Is This Dental Tip Overlooked?

The Positive Impact Of Outdoor Activities And Events On Kids’ Health

3 Things To Consider When Looking For A Heart Doctor

The Value And Criticism Of Robot-Assisted Heart Surgery

Here’s What To Know About Sleep And Heart Health

Is It Time to See a Cardiologist?

Crooked Teeth vs. Perfect Teeth: Clip-On Veneers

Pros And Cons Of Flossing: Why Is This Dental Tip Overlooked?

Dental Anxiety: Why It’s Common And How To Deal With It

5 Simple Tips for Optimal Oral Health

Take These 4 Important Steps For Healthy And Happy Aging

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

How Does Fat Leave Your System When You Lose Weight?

The Positive Impact Of Outdoor Activities And Events On Kids’ Health

How Can Parents Prevent Obesity In Children

Do Fat Burners Work? Busting Five Weight Loss Supplement Myths

Four Ways to Banish Back Pain For Good

The Most Important Things To Know When Choosing A Chiropractor

A Guide to Caring for Bunions

5 Best Exercises to Strengthen Your Lower Back

Are You Healthy Enough to be a Surrogate?

5 Tips for a Healthy Pregnancy

3 Nutritious Foods To Eat During Your Second Trimester Of Pregnancy

A High Fiber Diet During Pregnancy May Reduce Celiac Risk In Children

Radiology as an Enterprise Model for Collaboration

Relationship Between Clinical Decision Support Systems (CDSS) & Radiology Must Evolve

Diagnostic Reading #33: Five Must-Read Articles from the Past Week