PODCAST: 2013 in Data Security

Dec. 24, 2013
In this year-end Healthcare Informatics podcast, Senior Editor Gabriel Perna speaks with David Holtzman, vice president of privacy and security compliance at CynergisTek, about the top trends in healthcare data security in 2013.

In this year-end Healthcare Informatics podcast, Senior Editor Gabriel Perna speaks with David Holtzman, vice president of privacy and security compliance at CynergisTek, about the top trends in healthcare data security in 2013.

To start off the podcast, the former Office for Civil Rights (OCR) deputy director for Health Information Privacy and Security, explained his shift from the public to private sector.

When it comes to data security trends, Holtzman talks about the increased sophistication of malicious threats and subsequent rise of breaches of protected health information (PHI) at healthcare organizations of all sizes in 2013.

Naturally, the conversation flips to the regulations enacted by the Department of Health and Human Services (HHS) updating the the Health Insurance Portability and Accountability Act (HIPAA), with provisions that have come to be known as the Omnibus Rule. Holtzman talks in great detail about market changes that have come about from this rule, including the requirements around covered entities, risk assessments, and the regulations around business associates (BAs) and PHI.  

“The market change this has driven has been with cloud-driven service providers,” Holtzman explains. “It was very interesting that for a number of months, the lament we were hearing from healthcare providers and healthcare facilities that they couldn’t a cloud service provider and for application services who would give them a BA agreement. One by one, the big three [cloud service providers] Microsoft, Amazon, and Google started offering BA agreements. I think this was driven by the requirements of the Omnibus rule.”

Later on, Perna asks Holtzman about what expectations he has for healthcare data security in the next twelve months. In this vein, mentions the revised audit programs that OCR will conduct in 2014, how healthcare organizations will develop industry standards for managing vendors, and lastly, the development of cybersecurity standards and technology. He also talks about how Microsoft will stop supporting the XP operating system and what it means for data security.

To download this or other HCI Podcasts from iTunes, click here.

Sponsored Recommendations

Cloud Communications: Connecting Care at the Core

Cloud communications is the present, the recent past, and the future of collaborative healthcare.

The Ultimate HIPAA Security Guide for Cloud Communications

The healthcare industry is leading the charge in innovation, embracing cutting-edge technologies to enhance patient care and optimize operations. Forward-thinking organizations...

Improving Workplace Safety and Patient Care in Behavioral Health

In 2023, Vail Health enhanced safety in their behavioral health clinic, but the impact went beyond their expectations. Read their case study to see how prioritizing workplace ...

Transforming Hospital Capacity Through Smarter Patient Progression Strategies

Helping patients move seamlessly through every stage of their care, from admission to discharge, is critical to ensuring patient safety, improving outcomes, and optimizing capacity...