Connecting the Dots Between Information Governance and Information Security Creates Value Greater than the Sum of the Parts
Immersive’s Stephanie Crabb was a principal contributor to this article published in the June, 2017 issue of For The Record. As we ready ourselves for the AHIMA Privacy and Security Institute and National Convention, it’s worth a second read (or a first read) for sure. As always, it was our pleasure to contribute.
Improve Security Through Information Governance
By Elizabeth S. Goar
For The Record
Vol. 29 No. 6 P. 20
Breaking free of the “analytics and integrity” box in which it was once pigeonholed, information governance (IG) has emerged as a powerful weapon in the quest for heightened data security. In fact, some HIM experts consider IG to be the “next evolution of security for health care” as organizations seek to protect critical clinical claims and patient data against a steady influx of new access points.
“Organizations are dealing with an increasingly more complex web of legislation, external threats, and complex data uses. Privacy and security are overlapping disciplines that need to address information challenges through expansion of their compliance programs to an enterprisewide initiative,” says Kathy Downing, MA, RHIA, CHP, PMP, director of HIM practice excellence at AHIMA. “IG is a framework that includes key concepts from privacy, security, compliance, risk management, data governance, and life cycle management. Expanding security efforts through IG includes a broader view of information from the HIPAA-required electronic protected health information [ePHI] to all of the organization’s information.”
Stephanie Crabb, cofounder and principal of Immersive, which provides health data lifecycle management solutions, says IG “calls us to think about the data/information lifecycle differently, which impacts the way we think about information security. A tenet of IG, enterprise information management, specifically its information lifecycle management aspects, gets us thinking about the protections across time and across all of the repositories where information lives and where it flows.
“In a mature and high-performing IG program, data and information have a clear value. That value may change over time,” she adds. “As that value changes, so do the levels of security protection that we put around the information and often depending on where it is stored—onsite vs long-term digital preservation vs easy-access cloud.”
Read the rest of the article here: http://www.fortherecordmag.com/archives/0617p20.shtml