X
GO
Overview

Data monitoring, from the highest level down to the patient level is critical to identifying trends, gaining insights, and communicating transparently with staff and stakeholders. Data monitoring approaches such as dashboarding are used to display data in a simple and intuitive way, allowing a snapshot of performance on selected measures to see changes or areas for improvement. Business intelligence systems such as population health management analytics allows for the monitoring of the health of a whole patient population, stratified by various characteristics, thereby supporting care planning, resource allocation, and training opportunities. Resources in this section include tools to begin dashboarding, considerations for taking the next step with population health management and guidance on how to navigate the many factors of any data monitoring approach.

Monitoring and Communicating with Data
Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients

Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients

A publication of the Cybersecurity Act of 2015, Section 405(d) Task Group

The HIPAA Security Rule establishes the requirements for protection of electronic patient health information. The safeguards identified are made up of three domains that include administrative, physical, and technical safeguards that need to be addressed. The technical safeguards as defined within 45 CFR §164.312 of the HIPAA Security Rule can be some of the most difficult to comprehend and implement for smaller Health Centers with lower levels of IT and security staffing. Resources and tools that help Health Centers better process and implement these security requirements are much needed and require well-documented methods for planning and maintaining critical security controls.

Toward this objective, in 2017, HHS established the CSA 405(d) Task Group, which leveraged the Healthcare and Public Health (HPH) Sector Critical Infrastructure Security and Resilience Public-Private Partnership and was made up of over 100 participants and experts across domains that include cybersecurity, privacy, healthcare practitioners, and Health IT organizations.

In December of 2018 this task force published the Health Industry Cyber Preparedness (HICP) document, which is a cyber-preparedness “cookbook” designed to assist small providers in prioritizing cybersecurity threats and implementing controls to address them. 

The publication includes a main document, two technical volumes, and a set of resources and templates that include:

Documents to download

Print
29308
Intended AudienceCIO, CSO, CISO, Health Center Leadership, Security Staff

Acknowledgements

This resource collection was compiled by the HITEQ Center staff with guidance from HITEQ Advisory Committee members and collaborators of the HITEQ Center.

Need Assistance?
Would you like more assistance regarding Health IT Enabled QI strategies or support in using any of the included resource sets?

  Request Support

 

Upcoming Events
The Quadruple Aim
Quadruple Aim

A Conceptual Framework

Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim

Learn More >