Smart card technology helps protecting health records

Findings detailed in the white paper include:

• Smart cards augment the security of electronic medical records (EMRs)/electronic health records (EHRs) by providing strong authentication,
• Smart cards can carry digital certificates which provide the highest level of trust in identity management for the exchange of data across networks,
• Smart cards are used in federal standards for identity verification, data access and security (e.g., the FIPS 201 Personal Identity Verification (PIV) standard for Federal employee and contractor identification cards).

Meanwhile a new report, "Privacy and Security in Health Care: A Fresh Look," released by the Deloitte Center for Health Solutions, identifies the risks associated with privacy and security breaches in health care. The report offers guidance about preparedness for health plans, life science organizations and health information technology solutions providers, as well as federal and state health agencies, to help minimize potential privacy and security threats as health reform drives increased exchange of online health information.

Deloitte's report outlines a basic approach for health care industry stakeholders to assess their current preparedness across three key areas:

• Risk Management – Help identify and assess data security risks to develop appropriate security controls to mitigate or avoid risk,
• Security and Privacy Program – Develop and implement policies, procedures and training needs to mitigate or avoid risk,
• Compliance – Verify organization conformance to its policies and standards.

This helps reduce organizational risk; creates customer trust and confidence in an organization's protection of personal health information; and reduces potential for financial penalties due to reasonable cause or willful neglect.