Project MED INF 403 DL Winter 2008 Group 3. Group Members Michael Crosswhite Maureen Farrell Julia Hernandez R Steven McDonald Jennifer Ogg David Robbins.

Presentation transcript:


Overview The Problem: –Much time, valuable to patients and medical staff alike, is wasted filling out paper medical forms, which often contain redundant information.

Overview Proposal: –The solution we have in mind is inexpensive to implement, highly portable, secure, and easily adopted. Ideally, patient information would be stored electronically on a thumb drive, obviating the need to organize and store large amounts of paper forms.

Group #3 Workflow Diagram The patient enters their medical history on the USB pen drive. The patient carries the USB pen drive to each of their health providers. The health care provider may update the EMR for this patient. The health care provider may choose to print the patient medical history to paper. - OR - The patient enters their PIN or fingerprint to authorize the transfer of data to the provider. Health Provider Computer

Group #3 Technical Diagram A standard USB pen drive contains the patient’s Personal Medical History data. The pen drive needs a minimum capacity of 64Mb to successfully store medical history data. The device costs approximately $25, depending on capacity.

Group #3 Technical Diagram All data stored on the device must be encrypted to ensure privacy and security. An autorun application is installed on the USB pen drive to transmit Personal Medical History data from the pen drive to the healthcare provider’s computer or Electronic Medical Record system. The patient’s personal medical history data is stored in an XML format for easy transfer and display.

Group #3 Technical Diagram The patient can update the data on the pen drive any time new information is available. Optionally, if the storage capacity allows… the patient may store electronic X-ray images or other documents on the pen drive to transport from one health care provider to another.

Personal Health Information Who owns Personal Health Information? Traditionally, health information “belongs” to the healthcare entity that captures or records the information. According to the Markle survey, the majority of Americans believe they could gain more control and effect ownership over their healthcare by using EHRs, e.g., a portable thumb drive. At issue is the top concern for most Americans concerning EHRs: misuse of personal data.

The HIPAA Privacy Rule Issues of security, privacy and protection of the electronic exchange of PHI fall under the auspices of the Privacy Rule of HIPAA. The Privacy Rule addresses the use/disclosure of PHI by organizations subject to the rule (covered entities). A covered entity may use PHI 1) as the Privacy Rule permits and 2) with the individual’s written consent. There are several exceptions that do not require consent. Disclosure of PHI should be “minimum necessary” and on a “need to know” basis.

Application of Privacy Rule to thumb drive. The patient needs to be assiduous about the password. It should not be decipherable and should be changed regularly. The PHI loaded on the thumb drive must be secured through encryption of data and possibly the use of biometric delimiters to decrypt data. The thumb drive should be received (at the provider’s location) solely by an authorized “need to know” person or designee. The authorized person should have access only to the “minimum necessary” information needed to accomplish the job.
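The “minimum necessary” requirement above, as an added example that is not part of the original presentation: a Python filter that releases only the sections of the XML record permitted for the receiving person's role. The element names, roles and policy table are assumptions; the slides define no schema.

```python
import xml.etree.ElementTree as ET

# Constructed sample record; element names are assumptions (the slides give no schema).
SAMPLE_RECORD = """<patientRecord>
  <demographics><name>Jane Doe</name><dob>1970-01-01</dob></demographics>
  <insurance><payer>Example Health Plan</payer><memberId>X000</memberId></insurance>
  <allergies><allergy>penicillin</allergy></allergies>
  <medications><medication>lisinopril 10 mg</medication></medications>
  <mentalHealthNotes>constructed note text</mentalHealthNotes>
</patientRecord>"""

# Hypothetical role-to-section policy: each role receives only what its job needs.
POLICY = {
    "front_desk": {"demographics", "insurance"},
    "pharmacist": {"demographics", "allergies", "medications"},
    "physician": {"demographics", "allergies", "medications", "mentalHealthNotes"},
}

def release_for_role(xml_text, role):
    """Return a copy of the record containing only sections allowed for `role`."""
    # The record arrives on removable media, so treat it as untrusted input:
    # refuse DTD/entity declarations, the usual vehicle for XML expansion attacks.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not accepted")
    allowed = POLICY.get(role)
    if allowed is None:
        # Default deny: an unknown role gets nothing rather than everything.
        raise PermissionError(f"no disclosure policy for role {role!r}")
    root = ET.fromstring(xml_text)
    released = ET.Element(root.tag)
    for section in root:
        if section.tag in allowed:
            released.append(section)
    return ET.tostring(released, encoding="unicode")

def released_sections(xml_text, role):
    """Names of the sections a role would receive, e.g. for an audit log entry."""
    return [child.tag for child in ET.fromstring(release_for_role(xml_text, role))]

if __name__ == "__main__":
    for role in POLICY:
        print(role, released_sections(SAMPLE_RECORD, role))
```

Filtering of this kind only limits disclosure if it runs before decrypted data reaches the provider's computer; a provider handed the whole decrypted file can read every section regardless of policy.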

High Level Technical Requirements Form Factor: –Easy to carry. Easy to identify. Cost effective. Premium versions. Security: Unauthorized Access Prevention –Data is the sole property of the device owner, and the owner is the only one who can grant and allow access. Security: Virus Prevention –Portable devices can spread viruses between computer systems. An effective virus control scheme must be employed.

High Level Technical Requirements (cont) Security: Data Storage and Transaction Encryption –Data must be stored and transacted in a way that prevents unauthorized access. Capacity –Sufficient capacity to store platform and text. Docking Mechanism –A widely available and adopted mechanism should be used to limit costs.

High Level Technical Requirements (cont) Docking Mechanism: Read / Write Compatibility –Do not limit the types of machines that can read / write to the device. Backup –Backup is optional in case of loss, damage or theft. The limited scope of the data included on the device doesn’t require extensive backup schemes.

Financial Analysis Refer to Spreadsheet

Conclusion This will help providers because the office visit is enhanced, and the interaction is more problem focused on the patient complaint vs. spending time on redundant information. Patient’s medical information is more readily available, accurate, and accessible. Overall this increases patient satisfaction, and improves general medical care.

Questions Questions?