HIMSS Conference Focuses on Data Protection, Secure Data Exchange

At this year's HIMSS conference, healthcare providers, IT experts and health officials discussed the use of information management systems in the sector. In today's healthcare system, the exchange of digital information is critical to efficient and comprehensive patient care. It also reduces costs for organizations that can do their work more efficiently and eliminate paperwork. But with electronic health record adoption on the rise, data protection practices are becoming even more important for patients and providers.

The Department of Health & Human Services announced at the HIMSS conference that they are setting a goal to have 50 percent of physician offices using electronic health records and 80 percent of eligible hospitals receiving incentive payments to use electronic record systems by the end of the year, according to Healthcare IT News.

"Health IT and the secure exchange of information across providers are crucial to reforming the system, and must be a routine part of care delivery," commented Marilyn Tavenner, acting administrator for the Centers for Medicare & Medicaid Services, according to Healthcare IT News.

This means they will push healthcare providers to establish better data security practices in their offices, like using data encryption software to protect patient and employee information. Secure data exchange will also be a focus in the coming years. The Department of Health & Human Services plans to implement rules about what data can be shared and how it should be structured so that it can be sent securely between providers, reported Healthcare IT News.

Compliance considerations
A recent HIPAA Omnibus rule makes it even more costly for healthcare organizations that fail to protect sensitive data. If health information isn't stored in an encrypted form, organizations could be fined up to $1.5 million per breach. Because of this, many of the HIMSS conference sessions focused on securing data and sharing information safely. Experts said that it's important to have protection in place not only for compliance reasons but also so patients feel that their confidential data is protected.

"The backbone of trust comes from this risk analysis," said William Braithwaite, chief medical officer for Equifax. He also added that providers need to "consider size, complexity, technical infrastructure, hardware, and software security compatibilities and costs." By performing risk analysis, providers will have a better idea of the type of technology purchase they make as well as the level of identity authentication required under HIPAA, he said.

Mac McMillian, chair of the HIMSS Privacy & Security Policy Task Force, said that 65 percent of HIPAA compliance failures, like not having having proper controls in place, occurred in the provider space. In the future, with proper data encryption protections, this number could be zero.