Document Detail

Security practices and regulatory compliance in the healthcare industry.
MedLine Citation:
PMID:  22955497     Owner:  NLM     Status:  MEDLINE    
OBJECTIVE: Securing protected health information is a critical responsibility of every healthcare organization. We explore information security practices and identify practice patterns that are associated with improved regulatory compliance.
DESIGN: We employed Ward's cluster analysis using minimum variance based on the adoption of security practices. Variance between organizations was measured using dichotomous data indicating the presence or absence of each security practice. Using t tests, we identified the relationships between the clusters of security practices and their regulatory compliance.
MEASUREMENT: We utilized the results from the Kroll/Healthcare Information and Management Systems Society telephone-based survey of 250 US healthcare organizations including adoption status of security practices, breach incidents, and perceived compliance levels on Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, Red Flags rules, Centers for Medicare and Medicaid Services, and state laws governing patient information security.
RESULTS: Our analysis identified three clusters (which we call leaders, followers, and laggers) based on the variance of security practice patterns. The clusters have significant differences among non-technical practices rather than technical practices, and the highest level of compliance was associated with hospitals that employed a balanced approach between technical and non-technical practices (or between one-off and cultural practices).
CONCLUSIONS: Hospitals in the highest level of compliance were significantly managing third parties' breaches and training. Audit practices were important to those who scored in the middle of the pack on compliance. Our results provide security practice benchmarks for healthcare administrators and can help policy makers in developing strategic and practical guidelines for practice adoption.
Juhee Kwon; M Eric Johnson
Related Documents :
22101177 - Massive obstetric haemorrhage with disseminated intravascular coagulopathy.
11881697 - Developmental evolution of expertise in diabetes self-management.
10178547 - How to use the internet.
17195657 - Spatial and temporal dynamics of overwintering homalodisca coagulata (hemiptera: cicade...
25125887 - Pharmacological aspects of nerium indicum mill: a comprehensive review.
20405807 - Should metapopulation restoration strategies increase patch area or number of patches?
Publication Detail:
Type:  Journal Article; Research Support, U.S. Gov't, Non-P.H.S.     Date:  2012-09-06
Journal Detail:
Title:  Journal of the American Medical Informatics Association : JAMIA     Volume:  20     ISSN:  1527-974X     ISO Abbreviation:  J Am Med Inform Assoc     Publication Date:  2013 Jan 
Date Detail:
Created Date:  2012-12-17     Completed Date:  2013-05-23     Revised Date:  2014-01-09    
Medline Journal Info:
Nlm Unique ID:  9430800     Medline TA:  J Am Med Inform Assoc     Country:  United States    
Other Details:
Languages:  eng     Pagination:  44-51     Citation Subset:  IM    
Export Citation:
APA/MLA Format     Download EndNote     Download BibTex
MeSH Terms
American Recovery and Reinvestment Act
Cluster Analysis
Computer Security*
Discriminant Analysis
Guideline Adherence*
Health Care Surveys
Health Insurance Portability and Accountability Act
Medical Informatics*
United States

From MEDLINE®/PubMed®, a database of the U.S. National Library of Medicine

Previous Document:  Next-generation phenotyping of electronic health records.
Next Document:  Insight into the ultrastructural organisation of sporulated oocysts of Eimeria nieschulzi (Coccidia,...