Improve Security Through Information Governance

Smart organizations will take these discrete concepts and connect them to form a synergistic relationship.

Breaking free of the “analytics and integrity” box in which it was once pigeonholed, information governance (IG) has emerged as a powerful weapon in the quest for heightened data security. In fact, some HIM experts consider IG to be the “next evolution of security for health care” as organizations seek to protect critical clinical claims and patient data against a steady influx of new access points.

The key to establishing IG initiatives—or retrofitting existing ones—that elevate security efforts is purposeful planning. It requires examining the overall governance framework—from policies and procedures and inventory and issues management to due diligence and termination policies—to determine where IG can best mitigate risk by closing security gaps.

“It is very much a planning process. There’s a rigor and an entire structure that must be put together that is all about managing vulnerabilities and risk,” says Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission. “When we talk about stratification [or] the inherent risk methodology, it means looking at all aspects of organizations, then evaluating each of those areas against the stratification matrix to determine how each area fits into it. How are we going to respond to each of those in the event any one area is compromised? That’s the rigor and structure that organizations need to have” when designing security-boosting IG initiatives.

To read the full article, visit For the Record.