Office of the Chief Privacy Officer Update June 23, 2016 Lucia Savage, JD, Chief Privacy Officer, ONC.

Slides:



Advertisements
Similar presentations
MINISTRY OF HEALTH ACTION PLAN FOR THE PREVENTION AND CONTROL OF ANTHRAX Dr. Marion BullockDuCasse, SMO(H) Director, Emergency, Disaster Management and.
Advertisements

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,
Health Insurance Portability and Accountability Act (HIPAA)
Information Sharing and Cross-System Collaboration John Petrila, J.D., LL.M. Professor, University of South Florida
TEXAS SOUTHERN UNIVERSITY INSTITUTIONAL ANIMAL CARE AND USE PROGRAM WORKSHOP OFFICE OF RESEARCH LINDA M. GARDINER, Ph.D. DIRECTOR RESEARCH ENHANCEMENT.
Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.
Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.
Your HIPAA rules Ben Burton, JD, MBA, RHIA, CHP, CHC Notice of Privacy Practices.
Informed Consent and HIPAA Tim Noe Coordinating Center.
2012 Outlook for Federal Contractors Kevin Plexico Vice President, Federal Information Services Deltek, Inc. September 15, 2011.
Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.
Technician Module 2 Unit 8 Slide 1 MODULE 2 UNIT 8 Prevention, Intelligence & Deterrence.
HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
1 Disclosures © HIPAA Pros 2002 All rights reserved.
National Center for Emerging and Zoonotic Infectious Diseases Centers for Disease Control June 14, 2011 : The Food Safety Modernization Act: Implications.
Division of Emergency Management & Homeland Security Department of Emergency Services & Public Protection June 25, 2013 Connecticut All-Hazards Response.
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
ICU and Forensics. 1.Describe information which should be consistently communicated by healthcare providers for those patients thought to be injured due.
“What’s Ethics Got To Do With It” Presentation to the Canberra Evaluation Forum Gary Kent Head Governance Australian Institute of Health and Welfare.
Crosswalk of Public Health Accreditation and the Public Health Code of Ethics Highlighted items relate to the Water Supply case studied discussed in the.
1 Information Sharing Environment (ISE) Privacy Guidelines Jane Horvath Chief Privacy and Civil Liberties Officer.
The Bureaucracy The Real Power?. Objectives Know the organizational structure of the Bureaucracy. Know how the bureaucracy is important in implementing.
The Institutional Review Board: A Community College Toolkit Dr. Geri J Anderson.
S. Lee Woods, M.D., Ph.D. Director, Office of Surveillance and Quality Initiatives Maternal and Child Health Bureau Prevention and Health Promotion Administration.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
ALTERNATIVE BALLAST WATER EXCHANGE AREAS Workshop on Physical and Biological Oceanographic Considerations June 20-22, 2006; Seattle, WA Concepts Federal.
HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.
Intelligence Reform & Terrorism Act – The Act – Intelligence Reform & Terrorism Act – The Act – -The Process- Centers for Disease Control and Prevention.
CIFOR Council to Improve Foodborne Outbreak Response CIFOR Guidelines and CIFOR Toolkit Donald J. Sharp, MD, DTM&H Food Safety Office National Center for.
What is a Public Health Assessment? “The evaluation of data and information on the release of harmful substances into the environment in order to assess.
1 Overview of HIT Policy Committee’s Privacy Hearing Jodi Daniel, JD, MPH Director, Office of Policy and Research Office of the National Coordinator for.
Davis Wright Tremaine LLP The Seventh National HIPAA Summit HIPAA Privacy: Privacy Rule Compliance on Public Health Activities and Research Thomas E. Jeffry,
Overview of ONC Report to Congress on Health Information Blocking Presented to the Health IT Policy Committee, Task Force on Clinical, Technical, Organizational,
PHDSC Privacy, Security, and Data Sharing Committee Letter to Governors.
Healthcare Privacy and Security After September 11 The HIPAA Colloquium At Harvard University August 20, 2002 Presented by: Lauren Steinfeld Privacy Consultant,
Legal Responsibilities for Studies Conducted or Supported by HHS Michael A. Carome, M.D. Associate Director for Regulatory Affairs Office for Human Research.
AND CE-Prof, Inc. January 28, 2011 The Greater Chicago Dental Academy 1 Copyright CE-Prof, Inc
Health Insurance Portability and Accountability Act (HIPAA) © 2013 Project Lead The Way, Inc.Principles of Biomedical Science.
Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.
Ethical, legal and social aspects of public health genomics Mark Taylor, School of Law, University of Sheffield 7 th November 2014.
FUNDAMENTALS OF PUBLIC HEALTH Joseph S Duren Lopez Community & Public Health - HCA415 Instructor: Adriane Niare November 10, 2015.
Public Health IT Privacy, Confidentiality and Security of Public Health Information This material (Comp13_Unit2) was developed Columbia University, funded.
U.S. Department of Education Office of Special Education Programs Discipline.
2011 Annual May Workshop The Australian Privacy Law Reform Project: a snapshot Karin Clark 4 May 2011.
Health Insurance Portability and Accountability Act
Nassau Association of School Technologists
COCE Institutional Review Board Academic Spotlight
Disaster and Emergency Planning
Director, Regulation and Strategy
How did you do?!!!.
Obligations of Educational Agencies: Parents’ Bill of Rights
Health Insurance Portability and Accountability Act
MILTECH Study Update LtCol PJ Zimmerman, USMC
HIPAA Pros - Disclosures
How Trauma Changes over Time
Multichannel Learning System (MLS) Research Protocol Requirements
PSO Overview for (name of organization’s) PSES Workgroup
GDPR For The Voluntary Sector
The activity of Art. 29. Working Party György Halmos
Informed Consent (SBER)
Introduction to: National Response Plan (NRP)
Enforcement and Policy Challenges in Health Information Privacy
Exploring 45 CFR , Criteria for IRB Approval of Research
Panelists ASIS International – Dr. Marc Siegel, Security Management System Consultant, ASIS International Disaster Recovery Institute International (DRII)
PSO Overview for (name of organization’s) PSES Workgroup
Prevention, Intelligence
The National Data Guardian review & Government response
Evidence-Based Public Health
Unit 14 Emergency Planning IS 235
Maryland Postpartum Infant and Maternal Referral Form
Presentation transcript:

Office of the Chief Privacy Officer Update June 23, 2016 Lucia Savage, JD, Chief Privacy Officer, ONC

ONC OCPO Update Security and Cybersecurity Next round of fact sheets: Sharing for Public Health purposes Clarifying about Opting in and Opting Out 2

Cyber Information Sharing Act of 2016 Internal Analysis and Reporting (b)(1)) Report.— (1) IN GENERAL.—Not later than 1 year after the date of enactment of this Act, the Secretary shall submit to the Committee on Health, Education, Labor, and Pensions of the Senate and the Committee on Energy and Commerce of the House of Representatives a report on the preparedness of the Department of Health and Human Services and health care industry stakeholders in responding to cybersecurity threats. Threat Sharing Task Force (c) Health Care Industry Cybersecurity Task Force.—(1) IN GENERAL.—Not later than 90 days after the date of the enactment of this Act, the Secretary, in consultation with the Director of the National Institute of Standards and Technology and the Secretary of Homeland Security, shall convene health care industry stakeholders, cybersecurity experts, and any Federal agencies or entities the Secretary determines appropriate to establish a task force to— Security Standards Task Force (d) Aligning Health Care Industry Security Approaches.—(1) IN GENERAL.— The Secretary shall establish, through a collaborative process with the Secretary of Homeland Security, health care industry stakeholders, the Director of the National Institute of Standards and Technology, and any Federal entity or non-Federal entity the Secretary determines appropriate, a common set of voluntary, consensus-based, and industry-led guidelines, best practices, methodologies, procedures, and processes that 3

Ethical Hacking According to Politico Cybersecurity May 12, 2016: »Defense Secretary Ash Carter said he was impressed by the "Hack the Pentagon" program, the first phase of which ends today. More than 1,400 hackers signed up for the bug bounty pilot initiative targeting Pentagon websites, with more than 80 bugs discovered that qualified for payouts so far. "All of this is helping us be more secure, at a fraction of the cost that exhaustively diagnosing ourselves would take," he said. "And we believe this approach, effectively crowd-sourcing cybersecurity, has great potential for us, as it does for a number of you around the table." ‘ If ethically hacking the Pentagon is helpful, how could this help security in the healthcare sector? Why does this not occur more? 4

Public Health Activities (sample) Example from 45 CFR (b) A covered entity may use or disclose protected health information for the public health activities and purposes described in this paragraph to »(i) A public health authority that is authorized by law to collect or receive such information for the purpose of preventing or controlling disease, injury, or disability, including, but not limited to, the reporting of disease, injury, vital events such as birth or death, and the conduct of public health surveillance, public health investigations, and public health interventions... »(iv) A person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading a disease or condition, if the covered entity or public health authority is authorized by law to notify such person as necessary in the conduct of a public health intervention or investigation; or 5

Basic Choice: When is Opting required by law and what are the implications of such a requirement? 6 New research is helpful: Downing, et al, “Health information exchange policies of 11 diverse health systems and the associated impact on volume of exchange” Journal of AMIA, June 17, 2016, nt/early/2016/06/14/jamia.ocw063 Objective: to examine the relationship between electronic exchange of patient health information across organizations and organizational HIE policy decisions. We focused on 2 key decisions: whether to automatically search for information from other organizations and whether to require HIE-specific patient consent.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.