1 Disclaimer The following information was presented by Andrew Levy of the Office of General Counsel of DHS on June 12, 2007 at the 2007 Chemical Sector.

Slides:

Advertisements

Similar presentations

Procedural Safeguards

Advertisements

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.

Minimum Necessary Standard Version 1.0

NJDEP Right to Enter Pete Madan Greg Davis. N.J.S.A 2C:29-1 Obstructing Administration of Law or Other Governmental Function.

HIPAA Privacy Rule Training

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

NAU HIPAA Awareness Training

WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

Dheeraj Agarwal Ethics Advisor Health Resources and Services Administration U.S. Dept. of Health and Human Services.

Securing the Chemical Sector: An Outline of the Chemical Facility Anti-Terrorism Standards (CFATS) Program May 2008.

Chemical Facility Anti-terrorism Standards (CFATS) Compliance Plan Overview prepared by The Office of Environmental Health & Safety 1.

March 19, 2009 Changes to HIPAA Privacy and Security Requirements Joel T. Kopperud Scott A. Sinder Rhonda M. Bolton.

Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.

Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.

Code of Federal Regulations Title 42, Chapter 1, Subchapter A Part 2 – CONFIDENTIALITY OF ALCOHOL AND DRUG ABUSE PATIENTS BRYANT D. MILLER CAC II, MAC,

Community Facility Loans/Grants Architect Flow Chart Owner has need for project. RD Area Office is contacted. RD visits project site and discusses project.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Version 6.0 Approved by HIPAA Implementation Team April 14, HIPAA Learning Module The following is an educational Powerpoint presentation on the.

Informed Consent and HIPAA Tim Noe Coordinating Center.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

2 H. Westley Clark, M.D., J.D., M.P.H., CAS, FASAM Director Center for Substance Abuse Treatment Substance Abuse Mental Health Services Administration.

HIPAA Health Insurance Portability & Accountability Act of 1996.

Fraud, Waste & Abuse DEFICIT REDUCTION ACT OF 2005 Presented by: MARCH Vision Care, 2013.

Tina Kraigher and Milena Podjed-Fabjančič 18 April 2010 Processing of Telephone Traffic Data of Employees ( a Case Study )

Securing the Chemical Sector: An Overview of the Chemical Facility Anti-Terrorism Standards August 29, 2007 Ronald E. Miller Inspector.

HIPAA PRIVACY AND SECURITY AWARENESS.

HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,

1 Freedom of Information (Scotland) Act 2002 A strategic view.

707 KAR 1:360 Confidentiality of Information. Section 1: Access Rights 1) An LEA shall permit a parent to inspect and review any education records relating.

BTOP OVERSIGHT WASHINGTON D.C. MAY 2012 U.S. DOC Inspector General Recovery Act Oversight Task Force 1.

DEPARTMENT OF MANAGEMENT SERVICES OFFICE OF INSPECTOR GENERAL.

1 Investigating Fraud & Abuse Violations in Medical Research Janet Rehnquist, Esq. Venable LLP th Street, NW Washington, DC

Privacy and the Civil Commitment Process Allyson K. Tysinger Assistant Attorney General June 4-5, 2008.

1 Information Sharing Environment (ISE) Privacy Guidelines Jane Horvath Chief Privacy and Civil Liberties Officer.

INTERNATIONAL E-DISCOVERY: WHEN CULTURES COLLIDE Alvin F. Lindsay Hogan & Hartson LLP.

Brette Kaplan, Esq. Erin Auerbach, Esq. Brustein & Manasevit, PLLC Spring Forum 2013

HIPAA BASIC TRAINING Presented by Anderson Health Information Systems, Inc.

VI. Developing a VSMP Program General Stormwater Training Workshop.

HIPAA PRACTICAL APPLICATION WORKSHOP Orientation Module 1B Anderson Health Information Systems, Inc.

FAMIS CONFERENCE Mari M. Presley, Assistant General Counsel Florida Department of Education June 12, 2012.

UMBC POLICY ON ESH MANAGEMENT & ENFORCEMENT UMBC Policy #VI

Rhonda Anderson, RHIA, President  …is a PROCESS, not a PROJECT 2.

Tad and Terry Legal Issues in ILP. 28 CFR Part 23 The federal rule that governs or provides guidance for these issues. § 23.3 Applicability: These policy.

Administrative Law The Enactment of Rules and Regulations.

Session 8 Confidentiality and disclosure. 1 Contents Part 1: Introduction Part 2: The duty of confidentiality Part 3: The duty of disclosure Part 4: Confidentiality.

HIPAA Privacy Rule Implementation Status Report Richard M. Campanelli, J.D. Director, Office for Civil Rights Before the The Tenth National HIPAA Summit.

19 th Theater Support Command Inspector General NEED ASSISTANCE? Before You Tell it to Your Inspector General….Give Your Chain of Command a Chance to Solve.

Implementation of the Personal Data Protection law of Georgia Giorgi Giorganashvili Head of IT department of the Office of the personal data protection.

1 The Public Interest Disclosure (Whistleblower Protection) Act.

TOP 10 DHS IT SECURITY & PRIVACY BEST PRACTICES #10 Contact The Office of Systems & Technology for appropriate ways to proceed if you need access to.

VETERANS HEALTH ADMINISTRATION SLIDE 0 New Requirements for VA ORD Investigators: Implementation of Data Management and Access Plans.

Indiana’s Public Access Laws Heather Willis Neal Indiana Public Access Counselor Indiana Association of Cities and Towns Red Flag and Sunshine Workshop.

Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.

Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.

Lawrence J. Bohlen Manager Member Services & Education Local Government Insurance Trust __________________________________ MACO Winter Conference January.

Fifteenth Board Meeting Geneva, April 2007 Ethics Committee Annual Report Professor Sheila Dinoshe Tlou, M.P., POH (Chair) Dr Brian Brink (Vice Chair)

Freedom of Information Act ‘What you need to know’ Corporate Information Governance Team Strategic Intelligence.

Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.

HIPAA Privacy Rule Training

Tomball Independent School District Annual Confidentiality Training

Complying with Maryland’s Open Meetings Act

Obligations of Educational Agencies: Parents’ Bill of Rights

Data protection issues in regulatory investigations

An Introduction to Public Records Office of the General Counsel

Privacy & Access to Information

Disability Services Agencies Briefing On HIPAA

HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.

Fingerprint Based Criminal History Records

State of florida tax information sharing Paula Barfield August 5, 2015

Presentation transcript:

1 Disclaimer The following information was presented by Andrew Levy of the Office of General Counsel of DHS on June 12, 2007 at the 2007 Chemical Sector Security Summit in Falls Church, VA. The information contained in this presentation is for information only and should not be construed as complete for compliance purposes.

Introduction to Chemical-terrorism Vulnerability Information (CVI)

3 Legal Foundation Section 550 of the 2007 DHS Approps Act provides, in part, that: “[I]nformation developed under this section,... shall be given protections from public disclosure consistent with [Sensitive Security Information (SSI)]... Provided, That in any proceeding to enforce this section,... Information submitted or obtained under this section... shall be treated as if the information were classified material.” Subpart D (Section ) of the Interim Final Rule describes in detail the rules for access, maintenance, safeguarding and disclosure of CVI.

4 What is CVI? Top-screens Site Vulnerability Assessments Site Security Plans Notices of determination or deficiency Compliance orders Derivative products Requests for re- determination Sensitive correspondence between facilities and DHS Inspection findings, Audit records

Who may access CVI? Need to Know Defined by 6 CFR Part 27 CSCD requirements, including CVI training and NDA Decision by information holder or appropriate federal, state or local official

6 Covered Persons Individuals who have a “need to know” CVI, as defined in section (e) of the IFR Anyone who otherwise receives or gains access to what they know or reasonably should know constitutes CVI

7 Authorized User Requirements Federal employees: CVI on-line training All other covered persons, including chemical facility employees and their contractors: CVI on- line training and non-disclosure agreement

8 “Need to Know” If access is required to: –Carry out facility security activities approved, accepted, funded, recommended, or directed by the Department –Receive training to carry out security activities... –Supervise or otherwise manage individuals carrying out security activities... –Provide technical or legal advice to a covered person who has a need to know Federal employees, contractors and grantees if required for the performance of official duties If DHS determines access is required for enforcement proceedings

Information Flow

10 Disclosure to Private 3 rd Parties Chemical facilities may disclose CVI to interested third parties (e.g., insurers) so long as facilities: (1) provide notice to DHS; and (2) require that the third parties sign an NDA and complete on-line CVI training. The NDA must prohibit further disclosures of CVI.

11 Other Federal Obligations The IFR does not prohibit chemical facilities from complying with obligations they may have to provide information to the EPA or other Federal agencies. These obligations, however, do not require facilities to provide CVI. Pieces of information by themselves, or compiled for purposes other than the IFR, do not constitute CVI. –Example: the IFR does not prohibit a chemical facility from providing a Chemical Weapons Convention inspector a list of chemicals on-site even though that same information may be included in a Top-Screen and the Top-Screen does constitute CVI.

12 Disclosure in Administrative and Judicial Proceedings Section 550 provides that CVI must be treated like classified material in enforcement proceedings. DHS may provide CVI to covered persons and their counsel for use in administrative or judicial enforcement proceedings. –USG can attempt to prevent disclosure in judicial proceedings by requesting that court accept a redacted version or a summary substitute. CVI is not available in litigation unrelated to the enforcement of section 550, except at the discretion of DHS.

13 Resources Procedural Manual –Safeguarding requirements –NDA template –MOA template On-line Authorized User Training –

14 Questions? Contact Information: Greg Waldrip ext. 419 (office) (mobile)