PODCAST: 2013 in Data Security

Dec. 24, 2013
In this year-end Healthcare Informatics podcast, Senior Editor Gabriel Perna speaks with David Holtzman, vice president of privacy and security compliance at CynergisTek, about the top trends in healthcare data security in 2013.

In this year-end Healthcare Informatics podcast, Senior Editor Gabriel Perna speaks with David Holtzman, vice president of privacy and security compliance at CynergisTek, about the top trends in healthcare data security in 2013.

To start off the podcast, the former Office for Civil Rights (OCR) deputy director for Health Information Privacy and Security, explained his shift from the public to private sector.

When it comes to data security trends, Holtzman talks about the increased sophistication of malicious threats and subsequent rise of breaches of protected health information (PHI) at healthcare organizations of all sizes in 2013.

Naturally, the conversation flips to the regulations enacted by the Department of Health and Human Services (HHS) updating the the Health Insurance Portability and Accountability Act (HIPAA), with provisions that have come to be known as the Omnibus Rule. Holtzman talks in great detail about market changes that have come about from this rule, including the requirements around covered entities, risk assessments, and the regulations around business associates (BAs) and PHI.  

“The market change this has driven has been with cloud-driven service providers,” Holtzman explains. “It was very interesting that for a number of months, the lament we were hearing from healthcare providers and healthcare facilities that they couldn’t a cloud service provider and for application services who would give them a BA agreement. One by one, the big three [cloud service providers] Microsoft, Amazon, and Google started offering BA agreements. I think this was driven by the requirements of the Omnibus rule.”

Later on, Perna asks Holtzman about what expectations he has for healthcare data security in the next twelve months. In this vein, mentions the revised audit programs that OCR will conduct in 2014, how healthcare organizations will develop industry standards for managing vendors, and lastly, the development of cybersecurity standards and technology. He also talks about how Microsoft will stop supporting the XP operating system and what it means for data security.

To download this or other HCI Podcasts from iTunes, click here.

Sponsored Recommendations

Care Access Made Easy: A Guide to Digital Self-Service for MEDITECH Hospitals

Today’s consumers expect access to digital self-service capabilities at multiple points during their journey to accessing care. While oftentimes organizations view digital transformatio...

Going Beyond the Smart Room: Empowering Nursing & Clinical Staff with Ambient Technology, Observation, and Documentation

Discover how ambient AI technology is revolutionizing nursing workflows and empowering clinical staff at scale. Learn about how Orlando Health implemented innovative strategies...

Enabling efficiencies in patient care and healthcare operations

Labor shortages. Burnout. Gaps in access to care. The healthcare industry has rising patient, caregiver and stakeholder expectations around customer experiences, increasing the...

Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

Join us for this April 30th webinar to learn about 2024's State of the Market Report: New Challenges in Health Data Management.