Categories

Tag: Hacking HIPAA

You Need a Cyber Team

By KIM BELLARD

Maybe you, like me, are an Olympics fan (in my case: Summer Games, track & field).  Most Americans look forward eagerly to the Super Bowl, while the rest of the world (and, increasingly, many in the U.S.) are waiting for the World Cup.  But too few of us are aware that next summer will be the inaugural International Cyber Security Challenge, an esports event that pits teams from multiple countries against each other in cybersecurity skills.  The U.S. is sending a 25 person team.  

So what, you might say?  Well, if you work in healthcare (or any industry, for that matter), or use any kind of digital device, you should care.  Ransomware attacks on healthcare organizations continue to proliferate. The Colonial Pipeline cyberattack this past spring illustrated the weakness of other parts of our critical infrastructure, and we’ve all almost certainly had some of our personal data exposed in data breaches.    

We’re in a war, but it’s not clear that we have the right army, with the right weapons, ready to fight it. Thus the U.S. Cyber Games.

Continue reading…

Hacking HIPAA

Join me in attacking an endemic problem in health care today by Hacking HIPAA. I am crowdfunding the development of a new legal form to be used on and after September 23, 2013 to allow patients to opt-in to easier health care communications – a Common Notice of Privacy Practices that is patient-focused. (Text me, please! Email me, please! etc.)

Depending on how much support this project garners, we can attack some related problems as well. Contributions at any level are welcome; contributions at the levels designated on the Hacking HIPAA Medstartr page get you a seat at the virtual table, voicing your concerns that need to be met in the CNPP and in follow-on projects.

I’m working on this project with two leading health care open source software developers, Ian Eslick and Fred Trotter. Check out Fred’s video intro to the project on the Medstartr page – you can find Ian and Fred online via the links on the project page, too.

Here’s an excerpt from the crowdfunding project page:

The Problem

Right now we have the worst of all worlds with regards to patient privacy in healthcare. Patients are frequently subject to sub-standard security and privacy practices AND healthcare innovators are unable to deliver solutions that would be useful to patients because their technical approaches are uncomfortably novel for health care bureaucrats. Patients end up getting poor security and no innovation, the worst of all options. This problem is going to get worse before it gets better, since the new Omnibus HIPAA Rule will make cloud hosting of health care projects untenable very soon. 

Continue reading…