Healthcare Technology Featured Article

January 28, 2016

EHNAC, NH-ISAC Partner to Combat HIPAA Breaches

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the National Health Information Sharing and Analysis Center (NH-ISAC) have joined forces to help improve cybersecurity in the healthcare market.

Both organizations, individually, have long sought to educate the market about best practices regarding cybersecurity and patient information. Their new memorandum of understanding will combine their efforts to double down on their fight against the increase in breaches officials have seen in recent years. In their combined announcement, the group reported an Identity Theft Resource Center figure of 750 breaches in 2015 of the Health Insurance Portability and Accountability Act (HIPAA). Those security pitfalls have left about 178 million records of private data exposed and highlight the growing problem of weaknesses within the system.

Denise Anderson, the president of NH-ISAC, indicated that the time to act is now and that, together, these groups can make a difference.

“We are very excited to partner with EHNAC on this important effort to advance the security of data as well as health and public health organizations,” Anderson said. “The healthcare sector is coming under increasing threat as can be seen in a number of incidents in the news. Bringing NH-ISAC’s and EHNAC’s expertise and communities together is a first step in helping to keep our members’ operations resilient and safe as well as protected.”

Those members include all manner of healthcare organization that utilize electronic records. Data registry companies, health information service providers, billers, payers, and even third-party administrators all fall within that group – not to mention hospitals and urgent care centers. The number of entities involved even extends to U.S. government entities such as the Department of Health and Human Services.

EHNAC and NH-ISAC will push for increased use of secure, identity-validated information that falls in line with the Medicare and Medicaid directives for Meaningful Use, a set of standards that healthcare providers must reach before becoming eligible for Centers for Medicare & Medicaid Services (CMS) incentive programs. The Direct Project was created in 2010 to give providers a standardized method of sharing data and for complying with each stage of the Meaningful Use guidelines (presently in Stage 2, which addresses the digitization of advanced clinical processes).

Both groups here, with this memorandum of understanding, point out that both excellence of patient care and the privacy of patient information hold their own as objectives for this partnership and for use of the Direct standard overall. While pushing for increased use of data sharing standards, the groups will also generate educational materials and webinars for the organizations they target.

Edited by Kyle Piscioniere

FREE eNewsletter

Click here to receive your targeted Healthcare Technology Community eNewsletter.
[Subscribe Now]