At a panel discussion during the Becker's CIO Roundtable Nov. 4, panelists discussed current issues in privacy and data security. Panelists included Feisal Nanji, the executive director of Techumen, Bobbie Byrne, MD, CIO of Edward Hospitals in Naperville, Ill., and Meggan Bushee, an associate with McGuireWoods law firm.
During the panel, the participants discussed what new challenges have arisen in the space of HIPAA and data security in the last five years.
Dr. Byrne, a pediatrician, mentioned some challenges associated with the data privacy for younger patients. "We still do some things in the name of privacy that are pretty darn asinine," she said, noting privacy and data security laws "have not caught up" to the way adolescents are and how they use technology. For example, sharing information with adolescent patients' parents through MyChart is hindered by age and consent laws, she said. The problems come up now, as opposed to five years ago, because of increasing online access to medical records.
Mr. Nanji has seen a different set of challenges arise in the last half decade. One of the main challenges he has seen is the issue of networked medical devices. "CIOs now have significant responsibility to make sure networked medical devices are secure," he says.
Offering a legal perspective, Ms. Bushee said one of the biggest challenges with HIPAA that has arisen recently is a new requirement that hospital business associates must comply with components of HIPAA. In light of this change it has become important to "vet your vendors and do some due diligence to make sure they have policies and procedures in place" before signing a contract, she said.