Health Information Exchange Security

Think about the last time you visited the doctor, or dentist. How did you make your appointment? Did you call to schedule an appointment or did you book it online? Were your charts in a manila folder or on a laptop? If you were prescribed medicine, did the doctor write a prescription on a piece of paper or send it electronically? Did the pharmacy have all of your doctor’s and insurer’s information when you arrived? Depending on your provider, your experience may have varied, but one thing is certain – HealthCare information will one day all be digital.

Health Information Exchange (HIE) is the term used to describe the sharing of electronic health information according to national standards. Doing this has many implications not only for HealthCare providers, insurers, and hospitals, but also privacy implications for individuals. The Health Insurance Portability and Accountability Act (HIPAA) established guidelines for the confidentiality and security and standardization of an individual’s electronic health information – commonly referred to as Electronic Health Records (EHR).  A patient’s healthcare information can be transferred to several entities such as insurers, billing warehouses, different doctors, and pharmacies. However, many of the systems between these organizations are disparate, and lack a common level of interoperability, not to mention security.

These issues are still being worked out and the Healthcare community is making progress towards EHR standardization and the interoperability of Health Information Exchanges. As the healthcare industry continues to evolve and as EHR ’s become the standard, protecting this information will also become an ongoing task. Fraudsters are constantly exploiting weaknesses in industries such as retail and financial services to gain access to an individual’s financial and personal information. Cyber security experts estimate that the value of a patient’s stolen medical records to be almost 15 times more than a social security number to criminals. This is due mainly to the fact that a medical record cannot be canceled like a financial account. It is imperative that access to EHR’s be protected by strong Identity Verification and User Authentication methods. For more information on Identity Verification and Authentication for HealthCare visit IDology at

Filed Under: Blog Tagged With:

News & Events

Upcoming Events