Posted on Sat, Jan 23, 2010 @ 01:15 PM
Aveksa was featured in a recent edition of Health Management Technology Magazine in their Forecast 2010 article on Electronic Health Records.
While modernizing the nations health care records system from paper-based to electronic is crutiual not only to improving patient care but also to lowering administrative costs. But in the race to digitize patient records, robust access security must be addressed as the number of users that might have access sensitive patient data will increase substantially, especially with some of the federated models that are being implemented by health care networks across the nation.
As more and more medical and administrative processes related to patient care and data are being outsourced to third parties for cost efficiencies, health care providers and payers must be concerned about the effectiveness of the security and access governance frameworks with their business associates. At the end of the day you can't outsource your business or regulatory liabilities when an access control failure materializes.
The damage to a health care organization's brand, reputation and the potential for loss of revenue as well as increases to operating expenses are very real risks that can materialize from an access governance failure.
The HITECH Act gave the HIPAA some real teeth and it's now apparent that the Federal Trade Commission (FTC) will be the enforcement arm for this regulation. The FTC has already demonstrated in past consumer privacy breach settlements that it will issue heavy fines and penalties on organizations that fail to implement the right access controls to protected information.