• News App
  • To:
  • My Turn

    February 01, 2014

    The Cost of Security

    In this issue of RSNA News, I draw your attention to the feature article describing some of the challenges radiologists face as a result of new HIPAA (The Health Insurance Portability and Accountability Act) rules that came into effect in fall 2013.

    I think that everyone would agree that our campaign of always “keeping patients first” means protecting them. Their fundamental safety, of course, is the primary concern, but patients first also means respecting their privacy. When HIPAA became law in April 2003, most of us understood the concept if not exactly the letter of the law.

    As an academic radiologist, I knew enough to make sure that patients’ names were blacked out on images being collected for didactic presentations and that we should refrain from discussing patients in the hospital elevators or cafeteria. But the restrictions imposed by HIPAA have farther reaching implications for handling Protected Health Information, or PHI, than most of us ever imagined.

    With HITECH, the Health Information Technology for Economic and Clinical Health Act, which further spells out some serious consequences of mishandling PHI, things have become even more complicated.

    The issues with HIPAA and HITECH underscore a general problem we’re facing today in America, namely how to maintain data security in what is rapidly becoming an exclusively digital society—where our economic transactions, communications and many services are available only online. We increasingly find ourselves targets of cyberattacks, whether on our personal identity or businesses. When we conduct transactions on “secure servers,” we rely on them to be secure knowing that no such thing truly exists.

    For those of us who conduct our daily patient-related activities with the aid of our desktop computers, tablets and smartphones, our parent organizations require us to be protected by firewalls and load software onto our devices to manage and encrypt our data. These tactics absolve us of personal liability in the event of a data breech, but they come at a cost. Others now have access to what was once “our” data—including our own personal information stored on those devices—floating around in a cloud somewhere.

    On the one hand, individuals need to be assured of their personal security, whatever aspect of it we might be discussing. The judicious use of technology can help with that security, but it’s easy to cross the fine line between watchfulness and invasion of privacy. In the era of big data, that balance point is increasingly less clear and the law of unintended consequences often brings us quickly from the cloud back down to earth.

    Web Extras

    Read "Basics Steps Aid Compliance with Stricter HIPAA Regulations," here.

    David M. Hovsepian, M.D.
    David M. Hovsepian, M.D., is the editor of RSNA News. He is a professor of radiology in the Department of Radiology at Stanford University in California. He also serves on the RSNA Public Information Committee and the Public Information Advisors Network.
    Blank 1x1 pixel GIF
  • comments powered by Disqus

We appreciate your comments and suggestions in our effort to improve your RSNA web experience.

Name (required)


Email Address (required)


Comments (required)





Discounted Dues: Eligible North American Countries 
Costa Rica
Dominican Republic
El Salvador
Netherlands Antilles
St. Vincent & Grenadines
Country    Country    Country 
Afghanistan   Grenada   Pakistan
Albania   Guatemala   Papua New Guinea
Algeria   Guinea   Paraguay
Angola   Guinea-Bissau   Peru
Armenia   Guyana   Phillippines
Azerbaijan   Haiti   Rwanda
Bangladesh   Honduras   Samoa
Belarus   India   Sao Tome & Principe
Belize   Indonesia   Senegal
Benin   Iran   Serbia
Bhutan   Iraq   Sierra Leone
Bolivia   Jordan   Solomon Islands
Bosnia & Herzegovina   Jamaica   Somalia
Botswana   Kenya   South Africa
Bulgaria   Kiribati   South Sudan
Burkina Faso   Korea, Dem Rep (North)   Sri Lanka
Burundi   Kosovo   St Lucia
Cambodia   Kyrgyzstan   St Vincent & Grenadines
Cameroon   Laos\Lao PDR   Sudan
Cape Verde   Lesotho   Swaziland
Central African Republic   Liberia   Syria
Chad   Macedonia   Tajikistan
China   Madagascar   Tanzania
Colombia   Malawi   Thailand
Comoros   Maldives   Timor-Leste
Congo, Dem. Rep.   Mali   Togo
Congo, Republic of   Marshall Islands   Tonga
Cote d'Ivoire   Mauritania   Tunisia
Djibouti   Micronesia, Fed. Sts.   Turkmenistan
Dominica   Moldova   Tuvalu
Domicican Republic   Mongolia   Uganda
Ecuador   Montenegro   Ukraine
Egypt   Morocco   Uzbekistan
El Salvador   Mozambique   Vanuatu
Eritrea   Myanmar   Vietnam
Ethiopia   Namibia   West Bank & Gaza
Fiji   Nepal   Yemen
Gambia, The   Nicaragua   Zambia
Georgia   Niger   Zimbabwe
Ghana   Nigeria    

Legacy Collection 2
Radiology Logo
RadioGraphics Logo 
Tier 1

  • Bed count: 1-400
  • Associate College: Community, Technical, Further Education (UK), Tribal College
  • Community Public Library (small scale): general reference public library, museum, non-profit administration office

Tier 2

  • Bed count: 401-750
  • Baccalaureate College or University: Bachelor's is the highest degree offered
  • Master's College or University: Master's is the highest degree offered
  • Special Focus Institution: theological seminaries, Bible colleges, engineering, technological, business, management, art, music, design, law

Tier 3

  • Bedcount: 751-1,000
  • Research University: high or very high research activity without affiliated medical school
  • Health Profession School: non-medical, but health focused

Tier 4

  • Bed count: 1,001 +
  • Medical School: research universities with medical school, including medical centers

Tier 5

  • Consortia: academic, medical libraries, affiliated hospitals, regional libraries and other networks
  • Corporate
  • Government Agency and Ministry
  • Hospital System
  • Private Practice
  • Research Institute: government and non-government health research
  • State or National Public Library
  • Professional Society: trade unions, industry trade association, lobbying organization