Security Advice for Smaller ProvidersOnline Toolkit Offers Insights for Small Hospitals, Clinics
The Healthcare Information and Management Systems Society and the Medical Group Management Association joined forces to create the free Privacy and Security Toolkit for Small Providers.
One of the biggest challenges smaller hospitals and clinics face when tackling information privacy and security issues is a lack of knowledge and resources, says Lisa Gallagher, senior director of privacy and security at HIMSS, an association for IT executives. "They don't have a deep background on the topic," she says. The toolkit is designed as a starting point to give them an overview of key issues, including HIPAA and HITECH Act compliance, she adds.
Security a Challenging IssueRobert Tennant, senior policy adviser at MGMA, an association of clinic administrators, says, "We have found in talking to our members that security has proven to be a challenge for group practices."
Clinics applying for the HITECH Act's electronic health record incentive program must conduct a risk analysis and take action to mitigate any risks identified, he notes. "I believe that's going to be a tremendous challenge for practices trying to achieve meaningful use of EHRs," he adds.
"A practice can go out and hire a lawyer or consultant to navigate this very rough water, or you can use the toolkit to familiarize yourself with the issues," Tennant says. "The kit can help you to conduct a risk analysis or to have a better idea of what help you need to get from a security professional."
The online resource will evolve in the months to come, adding information on new regulations, whitepapers, case studies and interactive forums. Ultimately, it will become a subset of HIMSS' broader privacy and security toolkit designed for larger organizations, Gallagher says. That kit soon will be revamped to use a dashboard model.