Factoring new technologies into healthcare risk analysis

[InfoSec News <alerts () infosecnews org>]

http://healthitsecurity.com/2014/02/26/factoring-new-technologies-in-healthcare-risk-analysis/

By Patrick Ouellette
Health IT Security
February 26, 2014

The HIMSS14 Conference down in Orlando this week will present an 
opportunity for vendors of all different sizes and specialties to display 
their offerings to their user audience. New technologies are being 
announced on what seems like an hourly basis and organizations are 
implementing them with hopes of efficiency, compliance and better patient 
care. Simultaneously, the Office for Civil Rights (OCR) is in the early 
stages of determining the scope of its 2014 HIPAA audits has made it 
abundantly clear that covered entities and business associates (BAs) use 
of risk analysis will factory heavily into the audits.

Organizations shouldn’t rely solely on new products to make them HIPAA 
compliant, nor should they avoid technology that will help secure patient 
data more efficiently and effectively. Achieving equilibrium between the 
two ends of the spectrum is the best-case scenario when conducting a risk 
analysis, according to David Holtzman, CynergisTek Vice President of 
Privacy. Holtzman and Mac McMillan will present at HIMSS14 today at 10 
a.m. on “Understanding Risk Analysis“.

HealthITSecurity.com asked Holtzman how new technologies such as virtual 
desktop infrastructure (VDI) or other virtualization technologies that can 
help take physical storage of data on devices out of the equation should 
impact organizations’ views on risk analysis. Holtzman explain that even 
though new technology requires a different set of considerations, the need 
for risk analyses remains the same.

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/