WELCOME

Capella has been designated a National Center of Academic Excellence in Information Assurance Education (CAEIAE) by the National Security Agency and the U.S. Department of Homeland Security. Capella’s information security curriculum meets the NSA Committee on National Security Systems standards 4011, 4013, 4014.

This center provides access to resources, tools, and the latest information regarding information assurance as a way to enhance understanding in this field of study.

CNSS Certification

The NSA’s Information Assurance Courseware Evaluation (IACE) Review Committee has validated that Capella’s information security curriculum meets the Committee on National Security Systems (CNSS) National Standards 4011, 4013, (and 4014 coming). Learn what this means to a Capella learner.

ARCHIVES

Current Topics

« Department of Defense (DoD) selects Capella University graduate student for Information Assurance Scholarship
Cybersecurity Czar Candidate = Federated Identity? »


Prioritizing Values

From Mary Brown | June 29th, 2009

I have recently been attending a range of webinar meetings being held by federal and private healthcare stakeholders that are trying to get their arms around the Health IT mandates that are included in the Obama stimulus and health reform plans. The big cahuna in healthcare is the HIPAA security and privacy regulations that were meant to protect the private health information of individuals.The HIPAA law was laid on top of existing state and local rules that were already in existance at the time that HIPAA was passed.  For some states, these existing laws were more stringent than the HIPAA rules which means that they ‘trump’ HIPAA.
 
This situation was created largely because of the influence of special interests on the final langugage that was able to be passed as HIPAA security and privacy rules.  The result is a patchwork of privacy and security rules that are state specific and are standing in the way of health information exchange.  
 
For those of us who have long been on the side of privacy and security it seems as though the value of being able to exchange health information is being viewed, in some situations, as contrary to the value of security and privacy.
 
Do you believe that it is possible to meet all of the ambitious goals of health information exchange and still protect the privacy and security of the data?  If not, how do you see this all shaking out in the end and, if forced to choose, which do you see as the more important action, data exchange or security and privacy?
 

 

Tags: , , , , ,

You can leave a response, or trackback from your own site.

2 Responses to “Prioritizing Values”

  1. Glenn Swaffield says:
    July 11th, 2009 at 7:13 pm

    I believe that it is possible to create a viable exchange of health information, while still keeping the privacy and security intact. The only problem is that there too many politicians who are involved in the process, that are not looking at the best interest of the many, but for the few.

    There will always be a battle of keeping privacy and security ahead of those looking to subvert the system for some type of gain. It seems that there are so many laws on the books that end up hindering innovation of technology.

    Will the goals be met from the stimulus and healthcare reforms? I think that is yet to be seen and I fear will lead to more legislation that continues to make the solution further from our reach.

  2. Mary Brown says:
    July 14th, 2009 at 12:23 pm

    I’ve spent the day listening to the HIT Policy Committee hearings on EHR certification. There is concern that the rush to IT will force providers to rush to bad systems which will do more harm than good in the long run.

    My experience so far is when there is a conflict between what supports privacy and what is needed to meet the timeline, it is the timeline that trumps in almost all cases.

    The one comment that strikes me most from the day is the idea that we will do the minimum necessary up front and then bolt on additional solutions at the backend. Those of us who do security for a living know that this retrofitting does not generally happen, lets the horse out of the gate and is much more expensive than doing it right the first time.

    It will indeed be interesting to see what happens next :)

Leave a Reply

Let us know what you think. All comments will be reviewed prior to going live. Comments that are profane or obscene, or unrelated to the topic of the post will not be published.

Categories

RESOURCES

NEWS FEEDS

META

CAPELLA CONNECTION

Capella University offers several degree programs which specialize in the information assurance and security field. Visit one of the links below for more information.

To learn more about Capella, please visit http://www.capella.edu or call 1.888.CAPELLA, option 2, to speak to an enrollment counselor.

Capella University