[ISN] Factoring new technologies into healthcare risk analysis

http://healthitsecurity.com/2014/02/26/factoring-new-technologies-in-healthcare-risk-analysis/ By Patrick Ouellette Health IT Security February 26, 2014 The HIMSS14 Conference down in Orlando this week will present an opportunity for vendors of all different sizes and specialties to display their offerings to their user audience. New technologies are being announced on what seems like an hourly basis and organizations are implementing them with hopes of efficiency, compliance and better patient care. Simultaneously, the Office for Civil Rights (OCR) is in the early stages of determining the scope of its 2014 HIPAA audits has made it abundantly clear that covered entities and business associates (BAs) use of risk analysis will factory heavily into the audits. Organizations shouldn’t rely solely on new products to make them HIPAA compliant, nor should they avoid technology that will help secure patient data more efficiently and effectively. Achieving equilibrium between the two ends of the spectrum is the best-case scenario when conducting a risk analysis, according to David Holtzman, CynergisTek Vice President of Privacy. Holtzman and Mac McMillan will present at HIMSS14 today at 10 a.m. on “Understanding Risk Analysis“. HealthITSecurity.com asked Holtzman how new technologies such as virtual desktop infrastructure (VDI) or other virtualization technologies that can help take physical storage of data on devices out of the equation should impact organizations’ views on risk analysis. Holtzman explain that even though new technology requires a different set of considerations, the need for risk analyses remains the same. […]