« “Log everything” | Main | Security Strategies for the Recession »

March 20, 2009


Saqib Ali

This will increase the cost of the handling patients’ personal data, and that cost will be passed on to the patients. I think the Health Care Providers should be allowed to purchase the encryption solutions under General Services Administration (GSA) SmartBUY discounts to keep the costs low.

Robert Jueneman

The emphasis in the HITECH act seems to be on confidentiality and safeguarding PII, especially when information is transmitted outside the physical boundary of the health care establishment. This level of legal protection is already being required for all health care providers doing business in the State of California.

But the HITECH act also contains a stated requirement for accuracy and an implied need for the availability of the information.

The DOD/GSA SmartBUY program has focussed on the confidentiality aspect of the problem, primarily with software-based Full Disk Encryption packages that do nothing to provide confidentiality while the data is in transit, and also does nothing to protect the data against bit-rot (or contamination by malware) in storage, or the possibility of undetected data transmission errors.

The comments to this entry are closed.

  • Burton Group Free Resources Stay Connected Stay Connected Stay Connected Stay Connected

Blog powered by Typepad