Events Calendar

Today
Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
26
27
28
29
30
31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
1
2
3
4
5
6
BARDA Industry Day
BARDA Industry Day
2020-10-27    
12:00 am
Organized by BARDA BARDA Industry Day is the annual meeting held to increase potential partner’s awareness of U.S. Government medical countermeasure priorities, interact with BARDA [...]
More Info
The Future of Insurance USA
The Future of Insurance USA
2020-11-16 - 2020-11-18    
All Day
We’re excited to announce today the launch of The Future of Insurance USA (November 16-18 2020), an online 3-day conference by Reuters Events. The Future [...]
More Info
Geneva Health Forum 2020
Geneva Health Forum 2020
2020-11-16 - 2020-11-18    
12:00 am
Geneva Health Forum 2020 The 8th edition of the Geneva Health Forum will take place from 16-18 November 2020. The thematic of the year will [...]
More Info
Total Health : Build a Better Healthcare System
19 Nov
2020-11-19 - 2020-11-20    
12:00 am
The stage is set for a paradigm shift in healthcare. The opportunity exists to redefine healthcare in a way that transforms patient outcomes, drives efficiency [...]
More Info
The 2nd Saudi International Pharma Expo
The 2nd Saudi International Pharma Expo
2020-11-23 - 2020-11-24    
All Day
Riyadh International Convention & Exhibition Center
ABOUT THE 2ND SAUDI INTERNATIONAL PHARMA EXPO SAUDI INTERNATIONAL PHARMA EXPO offers you an EXCELLENT opportunity to expand your business in Saudi Arabia and international [...]
More Info
World Congress on Medical Toxicology
World Congress on Medical Toxicology
2020-12-01 - 2020-12-02    
12:00 am
World Congress on Medical Toxicology Medical Toxicology Pharma 2020 provides a global platform to meet and develop interpersonal relationship with the world’s leading toxicologists, pharmacologists, [...]
More Info
International Conference on Food Technology & Beverages
01 Dec
2020-12-01 - 2020-12-02    
All Day
International Conference on Food Technology & Beverages” at Kyoto, Japan in the course of Kyoto, Japan, December, 01-02, 2020 Theme of the Food Tech 2020 [...]
More Info
Biomedical, Bio Pharma and Clinical Research
Biomedical, Bio Pharma and Clinical Research
2020-12-03 - 2020-12-04    
12:00 am
Biomedical, Bio Pharma and Clinical Research Conference Series LLC LTD cordially invites you to be a part of “2nd International Conference on Biomedical, Bio Pharma [...]
More Info
Events on 2020-10-27
BARDA Industry Day
BARDA Industry Day
27 Oct 20
Events on 2020-11-16
The Future of Insurance USA
The Future of Insurance USA
16 Nov 20
Geneva Health Forum 2020
Geneva Health Forum 2020
16 Nov 20
Events on 2020-11-19
19 Nov
Total Health : Build a Better Healthcare System
19 Nov 20
Events on 2020-11-23
The 2nd Saudi International Pharma Expo
The 2nd Saudi International Pharma Expo
23 Nov 20
King Abdullah
Events on 2020-12-01
World Congress on Medical Toxicology
World Congress on Medical Toxicology
1 Dec 20
01 Dec
International Conference on Food Technology & Beverages
1 Dec 20
Events on 2020-12-03
Biomedical, Bio Pharma and Clinical Research
Biomedical, Bio Pharma and Clinical Research
3 Dec 20
Latest News

Aug 08 : OIG Finds Privacy and Security Risks with ONC EHR Certification Process

August 8, 2014
oig
It is ironic to learn the Office of Inspector General (OIG) believes the Office of the National Coordinator for Health Information Technology (ONC) essentially has an insufficient compliance program to maintain the privacy and security of the protected health information (PHI) hosted by electronic health records (EHR).In an August 2014 report (A-06-11-00063), OIG concluded that the process ONC uses to certify EHR is not sufficient to ensure the privacy and security of the EHR PHI.I have attached a link to the OIG report and included regarding the findings and recommendations of the OIG.

WHAT WE FOUND

ONC’s oversight of the ATCBs did not fully ensure that test procedures and standards could adequately secure and protect electronic patient information contained in EHRs. Specifically, ONC did not ensure that the ATCBs:

  • developed procedures to periodically evaluate whether certified EHRs continued to meet Federal standards and
  • developed a training program to ensure that their personnel were competent to test and certify EHRs and to secure proprietary or sensitive EHR information.

The ATCBs’ standards and procedures for testing and certifying EHRs met all NIST test procedure requirements that ONC approved. However, those NIST test procedures were not sufficient to ensure that EHRs would adequately secure and protect patient health information; in particular, the procedures allowed ATCBs to certify EHRs that demonstrated the use of a single-character password during testing. In addition, the NIST test procedures did not address common security issues, such as, but not limited to, password complexity and/or logging emergency access or user privilege changes.

WHAT WE RECOMMEND

To ensure that each patient’s health information in EHRs is secure and protected, we recommend that ONC require the ATCBs to:

  • develop procedures to periodically evaluate whether certified EHRs continue to meet Federal standards and
  • develop a training program to ensure that their personnel are competent to test and certify EHRs and to secure proprietary or sensitive EHR information.

We also recommend that ONC work with NIST to strengthen EHR test procedure requirements so that ATCBs can ensure during testing that EHR vendors incorporate a baseline set of security and privacy features into the development of EHRs to address common security issues.

Source

Post Views: 228