Events Calendar

Today
Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
27
28
29
30
31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
HIMSS and Health 2.0 European Conference
11 Jun
2019-06-11 - 2019-06-13    
All Day
Messukeskus Helsinki, Expo & Convention Centre
HIMSS and Health 2.0 European Conference Helsinki, Finland 11-13 June 2019 The HIMSS & Health 2.0 European Conference will be a unique three day event you [...]
More Info
7th Epidemiology and Public Health Conference
7th Epidemiology and Public Health Conference
2019-06-17 - 2019-06-18    
All Day
Dubai
Time : June 17-18, 2019 Dubai, UAE Theme: Global Health a major topic of concern in Epidemiology Research and Public Health study Epidemiology Meet 2019 in [...]
More Info
Inaugural Digital Health Pharma Congress
Inaugural Digital Health Pharma Congress
2019-06-17 - 2019-06-21    
All Day
Seaport World Trade Center
Inaugural Digital Health Pharma Congress Join us for World Pharma Week 2019, where 15th Annual Biomarkers & Immuno-Oncology World Congress and 18th Annual World Preclinical Congress, two of Cambridge [...]
More Info
International Forum on Advancements in Healthcare - IFAH USA 2019
International Forum on Advancements in Healthcare - IFAH USA 2019
2019-06-18 - 2019-06-20    
All Day
Caesars Palace
International Forum on Advancements in Healthcare - IFAH (formerly Smart Health Conference) USA, will bring together 1000+ healthcare professionals from across the world on a [...]
More Info
Annual Congress on Yoga and Meditation
Annual Congress on Yoga and Meditation
2019-06-20 - 2019-06-21    
All Day
Dubai
About Conference With the support of Organizing Committee Members, “Annual Congress on Yoga and Meditation” (Yoga Meditation 2019) is planned to be held in Dubai, [...]
More Info
Collaborative Care & Health IT Innovations Summit
Collaborative Care & Health IT Innovations Summit
2019-06-23 - 2019-06-25    
All Day
Hyatt Regency Inner Harbo
Technology Integrating Pre-Acute and LTPAC Services into the Healthcare and Payment EcosystemsHyatt Regency Inner Harbor 300 Light Street, Baltimore, Maryland, United States of America, 21202 [...]
More Info
2019 AHA LEADERSHIP SUMMIT
2019 AHA LEADERSHIP SUMMIT
2019-06-25 - 2019-06-27    
All Day
San Diego
Welcome Welcome to attendee registration for the 27th Annual AHA/AHA Center for Health Innovation Leadership Summit! The 2019 AHA Leadership Summit promotes a revolution in thinking [...]
More Info
Events on 2019-06-11
11 Jun
HIMSS and Health 2.0 European Conference
11 Jun 19
Helsinki
Events on 2019-06-17
7th Epidemiology and Public Health Conference
7th Epidemiology and Public Health Conference
17 Jun 19
Dubai
Inaugural Digital Health Pharma Congress
Inaugural Digital Health Pharma Congress
17 Jun 19
Boston
Events on 2019-06-18
International Forum on Advancements in Healthcare - IFAH USA 2019
International Forum on Advancements in Healthcare - IFAH USA 2019
18 Jun 19
Las Vegas
Events on 2019-06-20
Annual Congress on Yoga and Meditation
Annual Congress on Yoga and Meditation
20 Jun 19
Dubai
Events on 2019-06-23
Collaborative Care & Health IT Innovations Summit
Collaborative Care & Health IT Innovations Summit
23 Jun 19
Baltimore
Events on 2019-06-25
2019 AHA LEADERSHIP SUMMIT
2019 AHA LEADERSHIP SUMMIT
25 Jun 19
San Diego
Latest News

Aug 08 : OIG Finds Privacy and Security Risks with ONC EHR Certification Process

August 8, 2014
oig
It is ironic to learn the Office of Inspector General (OIG) believes the Office of the National Coordinator for Health Information Technology (ONC) essentially has an insufficient compliance program to maintain the privacy and security of the protected health information (PHI) hosted by electronic health records (EHR).In an August 2014 report (A-06-11-00063), OIG concluded that the process ONC uses to certify EHR is not sufficient to ensure the privacy and security of the EHR PHI.I have attached a link to the OIG report and included regarding the findings and recommendations of the OIG.

WHAT WE FOUND

ONC’s oversight of the ATCBs did not fully ensure that test procedures and standards could adequately secure and protect electronic patient information contained in EHRs. Specifically, ONC did not ensure that the ATCBs:

  • developed procedures to periodically evaluate whether certified EHRs continued to meet Federal standards and
  • developed a training program to ensure that their personnel were competent to test and certify EHRs and to secure proprietary or sensitive EHR information.

The ATCBs’ standards and procedures for testing and certifying EHRs met all NIST test procedure requirements that ONC approved. However, those NIST test procedures were not sufficient to ensure that EHRs would adequately secure and protect patient health information; in particular, the procedures allowed ATCBs to certify EHRs that demonstrated the use of a single-character password during testing. In addition, the NIST test procedures did not address common security issues, such as, but not limited to, password complexity and/or logging emergency access or user privilege changes.

WHAT WE RECOMMEND

To ensure that each patient’s health information in EHRs is secure and protected, we recommend that ONC require the ATCBs to:

  • develop procedures to periodically evaluate whether certified EHRs continue to meet Federal standards and
  • develop a training program to ensure that their personnel are competent to test and certify EHRs and to secure proprietary or sensitive EHR information.

We also recommend that ONC work with NIST to strengthen EHR test procedure requirements so that ATCBs can ensure during testing that EHR vendors incorporate a baseline set of security and privacy features into the development of EHRs to address common security issues.

Source

Post Views: 245