A Breath of Fresh Air at HIMSS

June 24, 2013
At events like HIMSS, Mac McMillan, co-founder and CEO of the consulting firm CynergisTek, and chair of the HIMSS Privacy & Security Policy Task Force, can truly be a breath of fresh air. While a good chunk of the people at this event are giving you a structured, manufactured set of thoughts on a particular topic in health IT, a guy like Mac is simply telling it like it is.

At events like HIMSS, Mac McMillan, co-founder and CEO of the consulting firm CynergrisTek, and chair of the HIMSS Privacy & Security Policy Task Force, can truly be a breath of fresh air. While a good chunk of the people at this event are giving you a structured, manufactured set of thoughts on a particular topic in health IT, a guy like Mac is simply telling it like it is.

I had a great conversation with Mac on the HIMSS exhibition floor on the various privacy and security issues that the industry is facing. Mac, who was a speaker at the HIMSS pre-conference symposium, was firm in his belief that this growing data breach problem is an indictment of healthcare organization leadership. Reiterating the point he made in his HCI blog debut from a few weeks ago, this is a cultural issue. It’s about organizations not spending the money they need to protect their patient data.

Mac isn’t shy about pointing fingers. After he talked about the lack of resources in healthcare organizations that go to into security measures, he mused, “Whose responsibility is it to set priorities and determine who gets resources? Leadership. When you look at the crux of the problem, that’s what it is,” McMillan says.

This leadership issue will be solved one way or another. As McMillan says, either healthcare organizations themselves will get their act together and work on solving this problem. Or, the Department of Health and Human Services’ (HHS) Office of Civil Rights (OCR) will do it for them. The latter option, McMillan tells me, is basically what happened in banking, expect with the Federal Reserve stepping in.

Heaven knows that I’ve blogged and written enough on this subject enough times that I can see McMillan’s point of view. But still, walking around the HIMSS exhibition floor can often seem like an exercise (literally with the floor stretching 1.5 miles and figuratively) in publicized ignorance. Take for instance, the mobile health (mHealth) and bring-your-own-device (BYOD) craze.

Don’t get me wrong, I firmly believe mobile devices can be transformative tools in delivering care. But hearing every vendor talk up these solutions without seriously discussing the security protection is a bit disconcerting. It’s always, “Oh yes, it’s HIPAA compliant,” and then it’s onto the next function. There is a reason why many healthcare CIOs are hesitant to bring tablets and smartphones into the workplace. Security is a huge concern.

“Most of those devices don’t have the right security functionality, or we’re not able to control it, or the user has the ability to disable it. The bottom line is there’s no real good solution out there yet with respect to mobile devices,” McMillan says.

 Instead of putting the data on a smartphone, McMillan suggests having a gateway created that gives practitioners access to the data without leaving it on the device. This can be done, he says, through a web interface with a secure, authenticated connection. There’s also the matter of encryption, to which he was his typical honest self.

“If you’re going to put it there [on the device]…encrypt, encrypt, encrypt,” McMillan says.

It’s this kind of truthfulness that sometimes makes me wish I could talk with 20 Mac McMillans at HIMSS. If I did, the air inside the stuffy Ernest N. Morial Convention Center, with 35,000 some-odd guests, might not seem as stuffy.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?