The latest House bill also includes a provision to establish national standards for electronic claims submission and other HIPAA transactions.
The provision calls for officials to develop data exchange capabilities that can:
* Determine a patient’s financial responsibility at the point of service;
* Enable real-time claims adjudication;
* Harmonize data sets from administrative and clinical transactions; and
* Support machine-readable identification cards.
via Latest Reform Bill Would Revise HIPAA Standards, Track Medical Devices – iHealthBeat.
The Office of Management and Budget this month unveiled an interactive collection tool called CyberScope that should help agencies fulfill their IT security reporting requirements under the Federal Information Security Management Act.
via Automated FISMA Reporting Tool Unveiled.
The White House Office of Management and Budget does not know how much its departments and agencies specifically spend on IT security, Federal CIO Vivek Kundra told a Senate panel Thursday.
Kundra said he was shocked to learn that the OMB never collected from agencies specific IT security expenditures, just aggregate data, when he took over earlier this year as the OMB’s administrator for e-government and IT, his statutory title.
via Agency Infosec Spend a Mystery to OMB.
Several missing CDs containing unencrypted personal data on 68,000 members of the CalOptima managed care plan have been traced to a secure postal facility in Atlanta. The discs went missing two weeks ago.
via CalOptima recovers discs with personal data on 68,000 members.
A recent study conducted by PriceWaterhouseCoopers on behalf of the Payment Card Industry Security Standards Council shows that end to end encryption and tokenization are the top choices for companies seeking to employ new emerging technologies to protect payment card and other critical data. And both approaches have their public proponents, including Heartland Payment Systems (HPY) CEO Robert Carr, who’s been encryption’s most vocal supporter in the wake of his organization’s historic breach.
via Tokenization Vs. End to End Encryption: Experts Weigh in.
More than 95% of call centres were found to store customers’ credit card details in recordings of phone conversations in breach of industry rules, according to a survey conducted by a call recording technology company.
Veritape said that when it talked to 133 call centre managers, only 39% of them knew about industry rules against the storing of the information and just 3% of them wiped credit card numbers from recordings of phone calls. Veritape provides call recording services to the call centre industry.
via Survey: Call centre data standards ‘routinely ignored’ • The Register.
Homeland Security Department agencies don’t sustain their information security programs year-round or perform continuous monitoring to maintain systems’ accreditations and action plans, according to DHS Inspector General Richard Skinner.
The IG’s findings come from an annual independent evaluation of the department’s information security programs required by the Federal Information Security Management Act (FISMA)
via DHS agencies don’t sustain info security programs, IG says — Federal Computer Week.
The rules, developed in accordance with the Fair and Accurate Credit Transactions Act of 2003 (FACTA), require financial institutions and other organizations classified as “creditors” to develop programs to identify, detect and respond to indications of identity theft. A bill passed this week would amend FACTA and exclude health care, accounting and legal practices with 20 or fewer employees from having to comply with the regulations, set to be enforced starting next month.
via New ID theft rules may not pertain to small businesses – SC Magazine US.
When patients visit a physician or hospital, they know that anyone involved in providing their health care can lawfully see their medical records.
But unknown to patients, an increasing number of outside vendors that manage electronic health records also have access to that data, and are reselling the information as a commodity.
via Medical Records: Stored in the Cloud, Sold on the Open Market | Threat Level | Wired.com.
70 Percent of Surveyed Hospital Security Professionals Say Senior Management Fail to Prioritize Privacy and Data Security
via New Study Reveals Push to Electronic Medical Records Puts Patient Privacy at Risk | Reuters.