The triple threat: Security, privacy and patient safety
This week could probably be summed up by the triple threat of privacy, security and patient safety.
In the realm of patient security, HITRUST, the Department of Health and Human Services (HHS) and other officials revealed earlier this week the results of its inaugural cyber-attack simulation exercise, which examined response and threat preparedness among healthcare organizations. These exercises demonstrated that the generic national cybersecurity framework for critical infrastructure is insufficient and revealed a strong need for greater collaboration between different players within healthcare.
In other privacy and security news, HHS Office of Civil Rights fined two entities--Concentra Health Services and QCA Health Plan—$2 million for failure to properly encrypt laptops and other devices containing patient data. In both instances, the violations were discovered following laptop thefts.
That leaves patient safety. The ECRI Institute released its first ever report detailing its top 10 patient safety concerns.
Poor care coordination, drug shortages, mislabeled specimens, falls while toileting and foreign objects unintentionally retained after surgery, childbirth or other interventional procedures all made the list. The calling out of specific safety concerns is intended to help organizations identify priorities and aid them in creating corrective action plans, according to the institute.
How does your organization stack up when it comes to patient safety, privacy and security?
We’re keeping all three on our radar so stay tuned.
Laura Pedulli (sitting in for Beth Walsh)
Clinical Innovation + Technology