The term "data rich and information poor" has been used to describe EMRs. Patient records are often packed with data, but that data is less than helpful if it is difficult to find at a moment's notice.
The HIPAA Security Rule preamble reinforces training "criticality" and restates the standard, "We require training of the workforce as reasonable and appropriate to carry out their functions in the facility." Security training is essential.
The ICD-10 implementation deadline is just around the corner, so hospitals must carefully assess their systems and processes to ensure things go smoothly on and after October 1.