Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
October 15, 2006 — CIO —
In 2001, Ron Uno, manager of information management at Kuakini Health Systems, made the decision to move his hospital’s medical records system from paper to computers. The main motivation for the costly, multiyear project? The Health Insurance Portability and Accountability Act, or HIPAA, the then five-year-old federal law that sets standards for protecting the security and privacy of American medical records. If the hospital had an electronic medical records (EMR) system, Uno reasoned, it would be easier to monitor who was accessing sensitive patient information and to comply with the law’s privacy and security regulations.
Five years later, Uno is halfway through implementing an EMR system. He estimates that Kuakini, a nonprofit with $275 million in revenue that operates a 250-bed hospital and a 200-bed long-term care facility in Honolulu, has spent $10 million to $15 million on implementing the system and other technologies to help it comply with HIPAA. "Even though we’re a small hospital, we’re trying to comply as much as we can," says Uno, who is closing in on full HIPAA compliance, though he’s not there yet.
The Long, Hard Road to Compliance
A decade after HIPAA was signed into law, CIOs like Uno are still struggling to comply with its provisions. Some lack the resources to fully meet the requirements of this complex set of rules; others seem to feel little need to hurry since the federal government has not aggressively enforced the law. So it comes as no surprise to learn that HIPAA compliance rates appear to be slipping.
Fewer hospitals and healthcare facilities are fully complying with the law this year than in 2005, according to a recent survey by the American Health Information Management Association (AHIMA), a professional organization for health information executives. And more than one-quarter of U.S. security executives whose organizations need to be HIPAA-compliant admit that they are not, according to "The Global State of Information Security 2006," a study released last month by CIO and PricewaterhouseCoopers.
These findings stand in sharp contrast to the billions of dollars invested by healthcare CIOs in technologies to protect medical records, including EMRs, firewalls, remote monitoring systems, intrusion detection, auditing software and encryption programs. HIPAA compliance rates declined across institutions of all sizes, but specialists say the problem is most acute at small to midsize hospitals with their limited budgets. "Smaller hospitals with thinner margins and smaller IT budgets will have a more difficult time being compliant," says Gartner analyst Robert Booz.
The Business Case for Web Application Firewalls, by Ken Tyminski, former VP and CISO for the Prudential Insurance Company of America
BlackBerry in the Regulatory Spotlight - A White Paper by Day Pitney LLP
Stop mobility from jeopardizing PCI compliance with these best practices.
Putting Enterprise Communications on Autopilot
Improving Mobile Access to Data
Operational Excellence Is Key to Maximizing IT Investments
Endpoint Security: Compliance at the Endpoint
Paving the Way for Trusted Collaboration
Find out what Forrester says about mobile endpoint security and its management.
Grassroots Data Governance with SAP MDM
The CIO's Guide To Harnessing Enterprise 2.0
What's Next? Real Answers for Tough Times
A crystal ball won't provide the answers you need.
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Consolidation May Hit Worldwide PC Market, IDC Says
Networking Glitch Knocks Yahoo Offline for Some
Entellium Files Bankruptcy, Intuit Eyeing Assets
Forrester: How to Squeeze Your Vendors
Security, Civil Liberties Experts Question Data-Mining
Microsoft Tools Build Bridge Between OpenXML, Other Formats
Microsoft Market Share Slips: Pressure's On for Windows 7 and IE8
Shoppers Opened Their Wallets on Cyber Monday
Windows 7 Beta Slated for Mid-January Release
Entellium Files Bankruptcy, Intuit Eyeing Assets
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
