I don't intend to "get into politics" in this blog; however, I do cover security. Obamacare does have some very major security problems. There are parts of government regulations that cover health data security/privacy. You've encountered these regulations when you are asked to fill out a HIPAA for for release of information. I've been directly involved implementing security in both the private business sector and in the health sector and continue to keep up with those fields.
I agree with most other experts that the Obamacare implementation is a disaster in these areas:
- Planning and project management
- Product
- Workflow associated with the product
- Security with respect to all of the above.
From time to time I will comment on these issues when they directly impact our communities. In this particular case, I want to point you to an article on security associated with the flow of personal health information (PHI) from source- the interview front end of Obamacare- to destination- a doctor's office. The debate in this case covers what the rules and regulations are for securing your information as it flows from the origin to the destination. The article is technical, but you should get from it that this is something the healthcare industry has worked on for a number of years and not settled. You will see a list at the end of the article of things any organization that touches the data (even in transit) needs to internalize and execute. This is a big deal and supports the claim that Obamacare data are low hanging fruit for the malicious.
The article:
http://it-security.blognotions.com/2013/11/27/hipaa-audit-tips-%E2%80%93-conduit-business-associate-or-something-else/?_m=3l%2e000t%2e21%2egw0akw6ons%2e1eh
No comments:
Post a Comment