Data443 Risk Mitigation Inc (ATDS)

[stockvaper]

Make Sure You're HIPAA Compliant Before You Have to Prove It

(Poster Note: Many HIPAA compliance privacy challenges (and many not HIPAA) are also needed for GDPR compliance).

"Phase 2 of the Office of Civil Rights (OCR) Health Insurance Portability and Accountability (HIPAA) Audit Program gives healthcare providers 10 days to prepare. Phase 3’s on-site audits give you no time to prepare; auditors show up without warning to review how well you are complying with HIPAA policies and practices. And even if you aren’t chosen for a random HIPAA audit, you can still face penalties for noncompliance if you experience a patient complaint or a breach.

Taking the opportunity to proactively strengthen your privacy and compliance program will help you maintain control of your patient data and avoid compliance headaches that are costly and time-consuming. In other words, the best time to prepare for an audit is before you’re in one.

Phases of HIPAA Compliance
For Phase 2 of the Audit Program, both covered entities and business associates had to meet selected standards and implementation specifications under HIPAA’s Privacy, Security and Breach Notification Rules. The HHS’s Official Audit Protocol was updated in July 2018. In addition, the aforementioned Phase 3 audits are the compliance equivalent of an on-site pop quiz.

Because the data security landscape has become so complex and fluid, compliance regulations will become more stringent. But rather than dreading an OCR audit, care providers can approach the prospect of an audit as a foundation for making the best choices when adopting new tools, technologies, personnel and workflows.

Typical HIPAA Issues to Look For

HIPAA defines a breach as the acquisition, access, use or disclosure of unsecured protected health information (PHI) in a manner not permitted by HIPAA. This activity must pose a significant risk of harm to the affected individual, whether it’s financial, reputational or other damages. Under the HIPAA Breach Notification Rule, covered entities and business associates are required to notify affected individuals if unsecured PHI is breached.

The HIPAA violations that result in the largest fines are:

1. Third-party disclosure of PHI
2. Improper disposal of PHI
3. Mishandling of medical records
4. Employees disclosing information
5. Database breaches
6. Lost or stolen devices
7. Failure to perform an organization-wide risk analysis
8. Employees legally accessing patient files
9. Lack of training
10. Failure to encrypt PHI on portable devices

These are just the violations that cost the most. In addition, many other events can result in a HIPAA violation or breach, and therefore fines and settlements — including drug diversion, cybersecurity attacks, insider threats, fraud and identity theft.

Typical HIPAA Violations
HIPAA audits have both a bark and a bite. Since the regulation went into effect in 2003, the OCR has discovered 56 Privacy Rule violations and handed out close to $100 million in fines. And as of 2018, the OCR has received more than 184,000 HIPAA complaints and initiated more than 902 compliance reviews.
The compliance issues most often investigated by the OCR are, in order of frequency:
Impermissible uses and disclosures of PHI

o Lack of PHI safeguards
o Lack of PHI patient access
o Lack of administrative safeguards of ePHI
o Use or disclosure of more than the minimum necessary PHI

The covered entities that most often violate HIPAA are general hospitals, health plans, outpatient facilities, private practices and physicians, and pharmacies. More than 37,670 complaints were investigated by the HHS as of July 2018, 69 percent of which have received corrective action."

Read more...
https://www.hcanews.com/news/make-sure-youre-hipaa-compliant-before-you-have-to-prove-it

Three Strategies for Managing Connected Health Data

"In both manufacturing and the consumer products spaces, the Internet of Things (IoT) enables sensors and devices to collect data about everything from productivity to user interactions. New connected health products that are in development and on the market are expanding these capabilities and collecting data about consumers’ heart rate, physical activity, insulin levels, medication usage, and more. Such connected health data unlocks a wide range of uses for the market as well as the medical field in general..."

"...In Jabil’s 2018 Connected Health Technology Trends survey, 97 percent of the surveyed healthcare manufacturing decision makers reported that they plan to collect data in their connected healthcare devices. Slightly more than 50 percent plan to store it in a public cloud infrastructure; 39 percent will store it on a local device, such as a smartphone; 36 percent will use their own infrastructure; and 31 percent will store the data on the connected healthcare device itself.

Nearly all survey participants agreed that this connected health data will be useful. Nearly half said it can be used to drive general healthcare outcome research, 46 percent said it can be used to provide reports to the users,
and 42 percent said the data could be shared with healthcare providers. On the technology side, 53 percent also noted that the data could be used to identify and solve problems with the devices and connectivity, and 49 percent pointed out that the data can help developers understand use models and can guide project development."

Read abundantly more...
https://www.iotforall.com/manage-iot-health-data-three-strategies/

Global Cyber Security In Healthcare Market Will Reach USD 10.7 Billion By 2024: Zion Market Research

"According to the report, the global cyber security in healthcare market was valued at approximately USD 6.6 billion in 2017 and is expected to generate revenue of around USD 10.7 billion by the end of 2024, growing at a CAGR of around 7.1% between 2018 and 2024.

Zion Market Research has published a new report titled “Cyber Security in Healthcare Market by Deployment (On-Premise and Cloud-Based), by Security Type (Application Security, Cloud Security, Content Security, Endpoint Security, Network Security, and Wireless Security), and by End-User (Pharmaceutical & Chemical Manufactures, Medical Device Companies, Health Insurance Companies, Hospitals & Clinics, and Others): Global Industry Perspective, Comprehensive Analysis, and Forecast, 2017 – 2024”. According to the report, the global cyber security in healthcare market was valued at approximately USD 6.6 billion in 2017 and is expected to generate revenue of around USD 10.7 billion by the end of 2024, growing at a CAGR of around 7.1% between 2018 and 2024.

Cyber security refers to the protection of internet-connected systems, including hardware, software, and data, from cyber-attacks. All the data, including electronic records and patient records, available on any device are a target for cyber-attacks. Data breach is a major concern, as several instances of data thefts and data breach have occurred since the introduction of connected medical devices technology. In the U.S., FDA’s recently released final guidance on the post-market management of cyber security in medical devices is a part of the FDA’s constant efforts to ensure safety and efficacy of medical devices, as they encounter cyber threats, at all stages in the devices’ lifecycle. Healthcare is vulnerable due to the historic lack of investments for cyber security, vulnerabilities in existing technology, and staff behavior. It has become increasingly clear that cyber security is a risk factor for healthcare data. Attacks can compromise not only networks and data but also threaten applications and services supporting critical patient care systems."

Read more...
https://globenewswire.com/news-release/2018/11/30/1660013/0/en/Global-Cyber-Security-In-Healthcare-Market-Will-Reach-USD-10-7-Billion-By-2024-Zion-Market-Research.html

Evaluating blockchain and distributed ledger use for the NHS

"Dr Stewart Southey weighs the potential benefits of blockchain and distributed ledger technology in the NHS

The past few years have seen a veritable frenzy wherever the term blockchain has been used. Touted as the silver bullet that will save every industry, billions of euros of venture capital and crowdfunded money has been poured into new projects. Though there are many exciting new start-ups promising to revolutionise healthcare, there are significant challenges ahead before we will know exactly how helpful a distributed ledger can be. This article explores these issues in the context of the UK’s National Health Service (NHS).

An overview of the National Health Service
It’s a bit of a misnomer to think of the NHS as a national organisation. Though funded centrally (almost exclusively through tax contributions), co-ordination of healthcare is performed by a myriad of semi-autonomous and partially competing entities.

One of the largest employers in the world, the NHS treats 1.4 million patients every 24 hours. 207 clinical commissioning groups (CCGs) help channel funds to more than 7,400 GP practices, 135 acute non-specialist trusts and other organisations in England alone. There are 853 for-profit and not-for-profit independent sector organisations providing care to patients from 7,331 locations.1 It is therefore fair to say that the flow of money and data is at best complicated but more likely indecipherable for any single individual."

Read quite a bit more...
https://www.healtheuropa.eu/blockchain-distributed-ledger/89316/

Healthcare giants turn to blockchain for a joint database of doctors
The pilot project will eventually lead to securely sharing confidential information, they hope

"Plans by a group of leading healthcare industry firms to create a joint database of doctors and other healthcare providers using Quorum’s Ethereum-based enterprise blockchain technology got a boost this past week when two industry giants—insurer Aetna, which was just purchased by CVS Health, and Ascension, the largest non-profit health system in the country with more than 150 hospitals—joined the project.

The Synaptic Health Alliance’s overarching goal is see if blockchain’s distributed ledger technology can be used to share the burden of managing healthcare provider data while improving its accuracy, without adding another intermediary to the process. The other members are health insurers Humana and UnitedHealthcare, healthcare cost management provider MultiPlan, medical testing firm Quest Diagnostics, and UnitedHealth Group’s Optum, whose offerings range from pharmacy benefit management to data analytics and IT services to medical practice management."

Read more...
https://modernconsensus.com/technology/healthcare-blockchain-database-doctors-synaptic/

Possibilities of Blockchain in Healthcare Sector

"Healthcare sector is one such sector which has adopted the new technologies rapidly and has got benefitted, probably the most. Blockchain is emerging as one of the revolutionizing technology and is sure to impact the healthcare sector as well. A recent report from PwC laid the groundwork for the same by sorting few key areas to witness the most impact in healthcare.

Validation of Medical Supply Chain and inventory

From manufacturers to retailers everyone coming under the medical supply chain would be benefitted with the transaction tracking that blockchain offers. Every time a transaction made in the supply chain will be recorded and validated in the blockchain ledger. As blockchain ledger is open to view for all those who are part of it, will simplify the transfer of data and allow the recipients of the product to validate their provenance with greater certainty. Blockchain allows all involved to “agree on history” which will ensure the integrity of the supply chain against fake and substandard medications.

Streamline Enrolment, Payment and Contract Data

Currently, payment, enrolment and contract data process take a lot of time and human efforts to be accomplished. Healthcare needs to be fast-paced and blockchain has the capability to so. A blockchain enabled system would allow both parties (provider and payer) to share and update data in real time; boosting the speed of the overall process and reducing the accomplishment time to days instead of weeks or month.

Similar kind of changes can be observed in back-office operations such as payments and contract. Nowadays these processes are conducted manually which is long and tiring. Blockchain enables the smart contract with transaction encoded and stored on it. This real-time approach will ease the audit and report process and also will be preventive against frauds and human errors.

Aggregate and Manage Patient Data

In healthcare the biggest issue is to aggregate and manage patient as the data stored here is decentralized also huge at the same time which makes it difficult to manage the same. Using Blockchain technology all the data can be pooled together in the centralized system and can be distributed to entities as per their requirements. This will allow ownership of data by patients and analysis of better and large volume of data leading to better predictive outcomes.

Improved Risk Tracking and Regulatory Compliance

Risk tracking and regulatory compliance is a constant nag in healthcare and providers are in a quest for better options to manage the same. Blockchain can emerge as a solution to the same as it keeps a record of each transaction made; will allow companies to keep track of product recalls, audits and tracking product distribution. The validation of the supply chain will enable entities easily and simply comply with regulations and whenever reporting is required smart contract logic could ensure certain actions trigger necessary reporting based on data stored in the blockchain.

With the use and capabilities, blockchain technology can be really handy in the healthcare sector but it certainly cannot change things overnight. At first, every level and entity must accept the technology and understand the benefits it brings with itself and then the only one can think of better future of healthcare sector."

Read more...
https://www.cioreview.com/news/possibilities-of-blockchain-in-healthcare-sector-nid-27627-cid-31.html

Data443 GDPR Framework Status (Wordpress)
DOWNLOADS HISTORY 8:35 AM 12/14/2018
Today 210
Yesterday 586
Last 7 Days 4,867
All Time 131,676

Version: 1.0.21, Last updated: 1 week ago

Support Issues resolved in last two months: 10 out of 11

https://wordpress.org/plugins/gdpr-framework/advanced/