Risk Analysis Completed for the Delaware Health Information Network
WEST CHESTER, PA – Best Practice Partners (BPP), a leader in health information technology optimization, is pleased to announce it has completed its risk analysis and assessment of the Delaware Health Information Network (DHIN).
The assessment, conducted at the request of DHIN’s management and board, examined the organization’s privacy and security environment using criteria from the National Institutes of Standards and Technology as well as Federal and State laws and regulations. It was determined that there were no major areas or issues that require corrective action.
“Although we were confident our network was (and remains) secure, we asked Best Practice Partners to conduct a thorough review to determine if adjustments could be made that would enhance the privacy and security of the information we store,” said Dr. Jan Lee, DHIN CEO. “The exercise prompted several constructive discussions regarding industry best practices and will lead to additional improvements in our approach to system security.”
DHIN is the nation’s oldest statewide health information network. The organization has grown to include 100% participation of acute care hospitals in the state, 100% of federally qualified health centers and skilled nursing facilities, and nearly all of Delaware physicians who treat patients. More than 14,000,000 deliveries of clinical results and reports are made on DHIN each year – and the total patient records in the system now exceed 1,600,000, including patients from all 50 states.
Best Practice Partners has a proven information security consulting practice with specific experience building successful information security programs in the healthcare industry that has strict regulatory requirements regarding protection of sensitive information. BPP also operates on a federated partnership model, drawing when necessary on the skills and expertise of outside individuals and organizations that represent Best Practices in their respective fields for the benefit of its clients. For its work with the DHIN, Best Practice Partners partnered with IT security leader, Reclamere, Inc., of Tyrone, PA.
“Our philosophy is that information security is a business enabling function, reducing risk, lowering costs, and protecting the brand,” said Mark Stevens, Best Practice Partners Vice President, and former Executive Director of the Pennsylvania eHealth Initiative. “This is particularly true for Health Information Exchanges (HIEs) and their Business Associates,” Stevens continued. “And as such, an enterprise approach to an information security program is essential to ensure alignment with business objectives and values. Sound governance, the transparency of oversight, clearly articulated business-oriented policies, and culturally-aligned training all contribute to the staff behavior modification that implements security.”
Angie Singer Keating, CEO of Reclamere, Inc., BPP’s partner and the project’s lead onsite coordinator agreed, saying “We understand that not all businesses have the resources to implement costly technical solutions, and strive to identify practical, low cost solutions to meet security control requirements without becoming a barrier to organizational objectives.” Keating, who has spent the past 10 years specializing in computer forensics, data recovery, data destruction, security incident response, information technology risk management, and system auditing, concluded, saying “With experience establishing information security programs, and a mindset to deliver solutions tailored to the healthcare model, we are well positioned to fulfill the information security needs of the DHIN and similar organizations.”
Best Practice Partners is the partner of choice for the world’s leading pharmaceutical, provider, payer, and healthcare organizations, helping them better harness the power of their data through innovative training, consulting, communication, and IT optimization solutions. For more information, please visit https://www.bestpracticepartners.net.
DHIN, the Delaware Health Information Network, is the first live, statewide health information network in the nation. Launched in 2007, today it serves all of Delaware’s acute care hospitals and approaching 100% of the State’s medical providers. More than 14,000,000 clinical results and reports are delivered through DHIN each year. There are a total of 1.6 million unique patients with results on DHIN including patients from all 50 states. DHIN is sharing real-time clinical information to improve patient outcomes, eliminate the duplication of service and reduce the cost of healthcare. For more information about DHIN visit www.DHIN.org or call 302-678-0220. Please also visit us on Facebook, LinkedIn and Twitter (@DHIN_hie).