Document Detail


Security practices and regulatory compliance in the healthcare industry.
MedLine Citation:
PMID:  22955497     Owner:  NLM     Status:  MEDLINE    
Abstract/OtherAbstract:
OBJECTIVE: Securing protected health information is a critical responsibility of every healthcare organization. We explore information security practices and identify practice patterns that are associated with improved regulatory compliance.
DESIGN: We employed Ward's cluster analysis using minimum variance based on the adoption of security practices. Variance between organizations was measured using dichotomous data indicating the presence or absence of each security practice. Using t tests, we identified the relationships between the clusters of security practices and their regulatory compliance.
MEASUREMENT: We utilized the results from the Kroll/Healthcare Information and Management Systems Society telephone-based survey of 250 US healthcare organizations including adoption status of security practices, breach incidents, and perceived compliance levels on Health Information Technology for Economic and Clinical Health, Health Insurance Portability and Accountability Act, Red Flags rules, Centers for Medicare and Medicaid Services, and state laws governing patient information security.
RESULTS: Our analysis identified three clusters (which we call leaders, followers, and laggers) based on the variance of security practice patterns. The clusters have significant differences among non-technical practices rather than technical practices, and the highest level of compliance was associated with hospitals that employed a balanced approach between technical and non-technical practices (or between one-off and cultural practices).
CONCLUSIONS: Hospitals in the highest level of compliance were significantly managing third parties' breaches and training. Audit practices were important to those who scored in the middle of the pack on compliance. Our results provide security practice benchmarks for healthcare administrators and can help policy makers in developing strategic and practical guidelines for practice adoption.
Authors:
Juhee Kwon; M Eric Johnson
Related Documents :
23908857 - Lean management-the journey from toyota to healthcare.
8918117 - U.s. army vector control (preventive medicine) operations during operation restore hope...
17524397 - Incubator management in an assisted reproductive technology laboratory.
19992447 - Some practical considerations in the control of louse-borne typhus fever in great brita...
15986747 - Alternative, complementary, energy-based medicine for spinal cord injury.
22035977 - Prevention of venous thromboembolism after hip or knee arthroplasty: findings from a 20...
Publication Detail:
Type:  Journal Article; Research Support, U.S. Gov't, Non-P.H.S.     Date:  2012-09-06
Journal Detail:
Title:  Journal of the American Medical Informatics Association : JAMIA     Volume:  20     ISSN:  1527-974X     ISO Abbreviation:  J Am Med Inform Assoc     Publication Date:  2013 Jan 
Date Detail:
Created Date:  2012-12-17     Completed Date:  2013-05-23     Revised Date:  2014-01-09    
Medline Journal Info:
Nlm Unique ID:  9430800     Medline TA:  J Am Med Inform Assoc     Country:  United States    
Other Details:
Languages:  eng     Pagination:  44-51     Citation Subset:  IM    
Export Citation:
APA/MLA Format     Download EndNote     Download BibTex
MeSH Terms
Descriptor/Qualifier:
American Recovery and Reinvestment Act
Cluster Analysis
Computer Security*
Confidentiality*
Discriminant Analysis
Guideline Adherence*
Health Care Surveys
Health Insurance Portability and Accountability Act
Humans
Medical Informatics*
United States
Comments/Corrections

From MEDLINE®/PubMed®, a database of the U.S. National Library of Medicine


Previous Document:  Next-generation phenotyping of electronic health records.
Next Document:  Insight into the ultrastructural organisation of sporulated oocysts of Eimeria nieschulzi (Coccidia,...