Despite Bitglass, Inc.'s newness to the healthcare market, the company offers a mobile device management (MDM) solution that is simpler and far less invasive than most solutions available today?something of a feat, as securing data on mobile devices is usually not an easy task.
Mergers and acquisitions in the healthcare industry are often decided upon and negotiated by C-suite staff with involvement from security and IT professionals. However, significant security implications must be considered by both parties prior to, during, and after a merger or acquisition. Security officers are often best suited to dig deep into the information security standards of a facility to identify risks and develop a plan for streamlining security programs between the acquirer and the organization being acquired.
Q: It is my understanding that written authorization is required for the release of PHI even for treatment, payment, and operations purposes. I believe this is true in New York state, but am unsure if it is also true nationally.
Hackers gained unauthorized access to the information technology system of Anthem, Inc., and exposed the PHI of more than 80 million people who are currently or were previously covered by the insurance provider. The attack also exposed the PHI of Anthem's employees, including President and Chief Executive Officer Joseph R. Swedish.
There's considerable confusion about what HIPAA means and what your obligations are under the regulations. I recently presented at a Midwest physician association conference. As is almost always the case, in the front row was an attendee just waiting for the Q&A session.
