The Office of the National Coordinator for Health Information Technology unveiled it’s10-year vision for achieving a nationwide interoperable health IT infrastructure.
One of the side effects of the events at the Phoenix AZ VA investigation is that the OIG had discovered that the audit controls in VistA the EHR utilized by VA hospitals was not turned on.
The absence of an audit trail for appointment scheduling limited the ability for both VA brass and OIG investigators “to determine whether any malicious manipulation of the VistA data occurred,” the report authors said. OIG recommended that the VA “immediately enable” this audit function at all VA facilities. “The VA completed this action,” the OIG report said.
This is a basic one for HIPAA security and it is not hard to do. When someone enters the wrong password 5 times, you should lock them out for at least 30 minutes.
Why would you do this? It stops someone from running an attack on a computer if they find out a valid username.
The article is here: http://resetchangewindows7password.com/automatically-lock-out-windows-7-...
Did AOL CEO’s comments violate HIPAA?
The CEO of AOL, in a call with workers blames costs on two moms who had babies in distress. Personally Identifiable Information? Well, if that is enough for people to know about whom he was talking, you bet!
Follow the link below to see Attorney Bill Frumkin on the fallout from AOL CEO Tim Armstrong’s comments on foxnews.com
One of the important aspects of your Risk Mitigation Plan is you Disaster Recovery Plan. A recent article in Health IT News http://www.healthcareitnews.com/news/disasters-happen-best-be-ready?sing... discusses disasters and some approaches to disaster recovery.
When we talk about HIPAA security there are three events we must protect against
• Breaches in Confidentiality of Data
• Lack of Availability of Data
• Damage to the integrity of Data