The onset of the COVID-19 pandemic has driven the healthcare industry through several simultaneous changes and challenges. Record patient levels, hospital staff shortages, remote work, and HIPAA exemptions have all made appearances at one point or another. Healthcare organization CEOs and other management figures have dealt with many of these situations on the fly, without much warning. As we progress through 2022 and beyond, what should the industry expect from a change perspective? Continue reading to find out how you can stay ahead of the curve!
The healthcare industry is subject to many types of existing and new cybersecurity threats. With technology constantly developing and information considered to be highly valuable, cyber criminals see this industry as a gold mine of sorts. Crime can also occur internally, with employees playing the part of "bad actor."
People with alcohol or drug use disorders do not always seek treatment for their substance use disorders because of fear: fear of the social and legal consequences if family, friends, neighbors, employers, co-workers, law enforcement, and even medical personnel learn of their substance abuse.
Protecting that privacy and encouraging treatment for substance use disorders (SUD) is the purpose of Title 42 of the Code of Federal Regulations (CFR) Part 2: Confidentiality of Substance Use Disorder Patient Records (Part 2).
With advancements in technology, individuals can now be more involved in their healthcare than ever before. Whether it is pulling results, requesting appointments, or transferring records, the way healthcare data is stored and shared has changed. This practice, often referred to as a right of access, allows for on-demand, and real-time access to personal health information (PHI) on the part of a patient, once requested and received.
In April 2021, Colonial Pipeline, representing critical regional gas supply and fuel infrastructure, was severely disrupted by a ransomware attack. The company's billing and business infrastructure were targeted, resulting in a $4.4 million dollar ransom payment in bitcoin. The ripple effects of the attack caused panic buying and gas shortages in many states along the East Coast of the United States, not to mention dangerous chaos among residents. This all may have been avoided if the firm had adequate or stronger cybersecurity measures in place. This example, among many others, serves as a reminder that no one organization or person is safe from a potential cyber-attack. Oftentimes the best defense is being well-prepared for the inevitable.
Sometimes, information not intended to be public knowledge is inadvertently shared with others. Just as easily as it can happen in a casual conversation with a friend, it can also happen in the workplace. So, what is an incidental disclosure? The incidental disclosure definition, according to the U.S. Department of Health and Human Services (HHS), is a, "disclosure that cannot reasonably be prevented, is limited in nature, and that occurs as a result of another use or disclosure that is permitted by the Rule." What happens when there is an incidental disclosure in a healthcare setting? There is not a clear-cut answer. It simply depends on the magnitude of the situation. In general, healthcare settings are fluid environments. That means that a patient overhearing another patient's diagnosis or a visitor catching a glimpse of a screen with some personal health information (PHI) is not common grounds to facilitate a HIPAA violation.
The Cybersecurity Act of 2015 was designed to create a bridge between the Department of Homeland Security (DHS) and its National Cybersecurity & Communications Integration Center (NCCIC) to ease and secure cybersecurity-related information sharing that can be private or public. It was signed into law on December 18, 2015, by then-president Obama, and is considered the most important cyber-related federal law passed to date that facilitates cybersecurity-related information sharing between private sector companies and federal government organizations in a secure way, having a set mechanism. The Cybersecurity Act 2015 outlines NCCIC's role in assessing and reacting to cybersecurity risks and threat indicators. It gives authority to the president of the country to transfer control to deal with the cybersecurity threat to an entity other than NCCIC, even outside the DHS, except to the Department of Defense.
The 5th generation of mobile network, 5G, is designed to connect everyone across the globe at unprecedented speed. This new technology will provide more connectivity than ever before because of its unified interface. 5G utilizes millimeter-wave, allowing for data-heavy applications to be used more seamlessly. 5G will have a profound impact on many industries, including healthcare.
In this blog post, we will explore 5 ways 5G will change healthcare forever, including many 5G healthcare use cases!
Organizations in the healthcare field will be familiar with HIPAA, formally known as the Health Insurance Portability and Accountability Act. Signed into law in 1996, it sets a national standard for protecting personal health information (PHI). It ensures that patients know how their information is stored and shared through consultation and consent. According to the HIPAA Journal, in the twelve months leading up to October 2021, there were 655 reported data breaches that contained 500 or more records across the country. 546 of the 655 occurred in 2021 alone. There is room for improvement in protecting sensitive PHI, especially when dealing with large databases.
Global pandemics like COVID-19 are unprecedented situations, which call for unprecedented action. This mantra is especially true in the field of healthcare, where in early 2020, operations shifted to pre-dominantly virtual care. This action was initiated to keep people apart and from further spreading a virus we knew so little about.