As part of our continuing podcast series on the top issues and challenges facing health IT and the healthcare industry, last week we released the recording of our recent discussion with Mac McMillan, Chair of the HIMSS Privacy & Security Task Force and CEO of Cynergist Tek – a firm specializing in the areas of information security and regulatory compliance in healthcare. The discussion covered:
- The HIMSS Security & Privacy Task Force mission and objectives
- How the recent HIPAA rule changes effect the provider-business associate relationship
- The difference between “access” and “possession” of personal health information (PHI) and how it impacts HIPAA compliance
- The definition of “privacy”
- How fear factors into policies surrounding privacy
- Modern, viable technologies to protect patient data
- Whether the use of biometrics for patient identification violates patient privacy
- PHI application patient adoption trends
An extremely informative discussion, Mac was able to walk us through not only the infrastructure of the HIMSS Privacy & Security Task Force, but provide an overview of its mission to review the policy issues affecting privacy and security in healthcare that arise from new legislation, regulation, and rules. Plus Mac discussed the detailed new HIPAA rules on how PHI is maintained and protected and what constitutes “access” vs. “posession” of PHI data plus he commented on increased accountability and transparency in the industry including steps healthcare providers need to take to help tighten oversight on third party vendors management patient information.
Mac went on to provide us his definition of “privacy” and offered interesting insight on how patient interpretation of privacy largely hinges on generational influence and how PHI data management is a major influence of patient industry perception. Mac also discussed in detail how fear of the known vs. the unknown may play an important part in shaping healthcare provider procedures and guidelines and how fear is an important motivator for making organizational change.
We wrapped up our discussion with Mac with his opinion on whether using technologies like biometrics for patient identification violate patient privacy (he feels they don’t if explained properly to the patient and data is protected) as well as his thoughts on the increasing trend in patient PHI portal adoption, whether we can expect to see increases in this trend and what types of patient portals are more acceptable and trusted by patients.
Overall, this is an excellent podcast to learn more about recent trends and changes in PHI data management and new information on what types of technologies are available for healthcare providers to research that will help to protect this sensitive information. Our thanks to Mac for his time, insight, and wisdom on these topics. We encourage you to download and listen to the podcast at your convenience by clicking here.
Do you have an idea for a podcast? Drop us a note at firstname.lastname@example.org with your ideas. Thanks for listening!