As we all know from recent publicity, including the theft of a Veterans Affairs laptop and media criticism of the lack of HIPAA enforcement, privacy of medical data is becoming increasingly controversial. The implications of these issues was explored at our July 21 meeting. The VA incident reminds us that a single incident can be disastrous and send ripple effects through healthcare policy and practices across the country.
Information technology continues to become more complicated, requiring greater knowledge from IT professionals, while at the same time the security threats get stronger and more sophisticated. The net result is an IT security problem that looms over an industry that depends on computers and patient data.
At the meeting, we had several speakers lead a discussion of these issues, including Matthew Schmid of Telemus Solutions, who discussed security risks and the growing threat (particularly from state-sponsored attacks). Matthew summarized the most recent FBI cyber crime report, discussed some basic security principles (such as Defense-in-Depth), and described specific measures to avoid hacking. Maria Horton of emesec E-Security Solutions also discussed defensive techniques for protecting security, and Edgar Bueno of Pillsbury Winthrop Shaw Pittman, formerly a prosecutor with the Office of the Inspector General, discussed the status of HIPAA enforcement. Matthew and Maria's power points are attached.
We will also have a round-table discussion of other cutting edge issues in health care technology and presentations by our members on their own technology activities. Jay Flounlacker of Clerepath Solutions summarized his company's technology and methods for improving the performance of small and medium sized companies in accomplishing important business objectives, such as clinical trials.