With a long parade of damaging and headline-grabbing data breaches these past few years, chief information security officers are suddenly on the rise – and that's as true in healthcare as perhaps any industry. As is the case with so many emerging job titles, the reporting structures vary from hospital to hospital. But what appears to be typical is for CISOs to sit one notch below chief information officer. Yet many CISOs work with executives outside IT, such as compliance, legal, risk management and others. Thus, the question of whether or not it makes practical sense to have the CISO report to – be on the same level as – the CIO is becoming a matter of some debate.
Local healthcare providers are taking the term "see your doctor" to a new level. Novant Health Inc., which operates Forsyth Medical Center, recently started offering video visits through the Novant Health Express Care facility at 4136 Clemmons Road in Clemmons. Wake Forest Baptist Medical Center has a new video-visit program for employees and their family members, and is working on a plan to open visits to all its patients. Novant offers video visits within MyChart, an electronic health records portal, for nonemergency health issues. Patients must have a computer, laptop or mobile device such as a smartphone; a webcam; and a MyChart account.
Whereas it's relatively safe to generalize that most technologies improve with each new iteration and user feedback yields changes that customers ultimately appreciate, one has to wonder if today's crop of electronic health records software are among the exceptions to that pattern of progress. Yes, the top-tier EHR vendors are for the most part improving certain aspects of their products, notably usability, workflow, UI, load and response times as well as other features designed to improve both the user experience and productivity. But do the clinicians, physicians, nurses and specialists actually using the software like EHRs any more than they did five years ago?
If someone was sitting on a veranda somewhere in the Alpha Centauri system, reading about health care in America of planet Earth, one would most likely conclude that the family of viruses known as the common cold are destroying a health system already crippled by a glut of poorly educated physicians practicing their miserable craft on a slow-moving and slow-thinking bovine population.
Indiana-based Medical Informatics Engineering says the compromised PHI may have included patients' names, Social Security numbers, mailing addresses, email addresses, birthdates, medical conditions, and lab results.
Compromised PHI may have included patients' names, Social Security numbers, mailing addresses, email addresses, birthdates, medical conditions, and lab results, according to MIE.
The same information was compromised at NoMoreClipboard along with individuals' usernames, passwords, and security questions and answers.
Both MIE and its subsidiary, however, pointed out they don't collect or store financial or credit information on patients.
MIE said it first discovered suspicious activity related to one of its servers on May 26, 2015, and immediately opened an internal investigation with assistance from third-party forensics experts. Law enforcement authorities were also notified.
The statement said MIE's investigation thus far indicates unauthorized access to the company network began on May 7 in a sophisticated cyber-attack, but offered no further details on the nature of the incident. MIE notified victims June 2.
The FBI's cyber-crime division is actively investigating the case with full cooperation from MIE and NoMoreClipboard.
MIE said it has been continuously investigating the attack as well as enhancing its data security and protection.
Free credit monitoring and identity protection services for the next 24 months were offered to victims of the breach and a toll free call center was also setup. NoMoreClipboard further urged its users to change their passwords.
This article originally appeared in HIM-HIPAA Insider.
Last week, the White House issued an update to President Obama's fiscal year 2016 budget request that seeks additional cybersecurity funding for several agencies, including HHS and the Department of Veterans Affairs. he updated budget request seeks $14 billion to be used across the federal government to bolster cybersecurity efforts. The amount represents an 11%, or $1.4 billion, increase from the funding provided in FY 2015. Under the proposed budget update, HHS' cybersecurity funding would increase by 23% from FY 2015 to $262 million.