The National Health Service (NHS) oversees health services in England, and under that government’s direction sets strategic objectives for the health care system as a whole. The other constituent countries of the United Kingdom (UK) – Scotland, Wales and Northern Ireland – similarly have their own public-health agency each. Any UK resident may obtain health services through any of these independent organizations – either for free or at a much lower price than through a private provider.
Last year, NHS celebrated its 70th anniversary. The milestone prompted a national conversation about the role and future of that organization. In part in response to that debate, the agency prepared and recently released “The NHS Long Term Plan,” outlining its vision for servicing public health in the next decade. A previous strategic document, “NHS Five Year Forward View” (2014), created a foundation for the current planning by setting in motion some of the initiatives that are now being projected to be spread to the entire system.
Continue reading “England’s National Health Service Long Term Plan Envisions NHS-wide Adoption of Digital Tools”
Health care is one of the most complex and socially impactful areas of digitalization. Ensuring cybersecurity of health care operations, therefore, is of paramount importance – because potential vulnerabilities may lead not only to financial or technical exposures, but to lapses in life-or-death situations for patients.
To assist practitioners with education and guidelines, and in pursuance of Cybersecurity Act of 2015 (Public Law 114-113), Section 405(d), the Department of Health and Human Services created a “405(d) Task Group” in May 2017, involving, more than 150 health care and cybersecurity experts. The result of their collaborative work became a voluntary guideline entitled “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients,” which was released at the end of 2018.
Continue reading “HHS Task Group Releases Cybersecurity Guidelines for the Health Care Industry”
Recently, the MITRE Corporation, in collaboration with the U.S. Food and Drug Administration (FDA), announced the release of the Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook. The Playbook was designed to provide “tools, references, and resources” for Healthcare Delivery Organizations (HDOs) to better prepare for and respond to medical device cybersecurity incidents.
Continue reading “New Handbook Provides Guidance to Healthcare Delivery Organizations on Preparation and Response to Medical Device Cybersecurity Incidents”
UMass Memorial Medical Center, Inc., and UMass Memorial Medical Group, Inc. (collectively, UMass) has agreed to pay $230,000 to settle claims alleging that that they violated the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA), and various other state patient privacy laws.
Continue reading “Employee’s Illegal Access to Patient Records Results in Data Breach of 15,000 Patients: Hospital System to Pay for Violations”
The Department of Health and Human Services, Office for Civil Rights (OCR) announced three separate settlements with Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital (MGH), respectively, over potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule totaling $999,000. According to the settlements, the potential violations were the result of the alleged disclosure of patient protected health information (PHI) to ABC News employees during the production and filming of the docuseries called “Save My Life: Boston Trauma,” at each hospital.
Continue reading “Three Separate OCR Settlements Resulting from Hospital Failures to Obtain Patient Authorization for Use of Protected Health Information Before Filming Television Docuseries”
The Centers for Medicare and Medicaid Services (CMS) recently released their Final Rule for the Promoting Interoperability Program formerly known as the Medicare and Medicaid Electronic Health Record Incentive Programs.
CMS had previously published a Proposed Rule and a request for feedback from the public related to improving interoperability and the sharing of electronic medical records between providers, and between providers and patients, which we covered in a May blog post. CMS has stated that the purpose of the Final Rule is to “advance the agency’s priority of creating a patient-centered health care system by achieving greater price transparency, interoperability, and significant burden reduction so that hospitals can operate with better flexibility and patients have what they need to be active healthcare consumers.”
Continue reading “CMS Releases Final Rule for Promoting Interoperability Program”