May 15, 2001 Achieving a High Degree of Data Reliability PHI Data Reliability.

Presentation transcript:

Reliability Components
• Availability
  – Where needed
  – When needed
  – How needed
  – (Only) to whom needed
• Correctness
  – Latest information
  – Right patient
  – New information is quickly forwarded; passes sanity checks
  – Appropriate action is easily taken

It’s the Whole System…
Data Reliability is a function of ALL of the components in the entire delivery chain.

Component Reliability
• Access device
• Transmission
• Infrastructure: internal and external
• Technology hardware and software
• Change management
• Maintenance procedures
• People

Access Device
• Functional
  – Operating correctly
  – Help Desk support
  – “Loaner” devices available
• User is familiar with application
  – Training program
  – Easily upgraded
  – KISS

Transmission
• Network is available
  – Internal
  – External
• Network engines function correctly
  – Protocol error-checking routines
  – Encryption/authentication functions
  – Biometric tolerances are reasonable
• Speed and throughput match application needs

Infrastructure
• Power availability and distribution
• Conditioning: cooling, heating
• Access control to premises along entire delivery chain
• Resistant structures and engineering
• Life support functions

Technology
• Fault-tolerance and redundancy
• Alternate routing
• MTBF and MTTR
• Software testing and implementation process
• Effective data and software safety processes:
  – Backup
  – Recovery
  – Restoration

Technology Change Management
• Emergency fix vs. Scheduled change
• Process oversight: change methodology
  – Specification and design
  – Unit testing; interface testing
  – Certification
  – Parallel testing
  – Documentation
• Scheduling

Ongoing Maintenance Procedures
• Infrastructure
  – Monitoring
  – Testing
  – Scheduled activity
  – Competence
  – Engineering
• Technology Hardware
  – Monitoring
  – Spare parts inventory
  – Capacity management

People
• Right person for the job
• Correct levels of compensation
• Screening and clearances
• Monitoring and auditing
• Signed confidentiality statements
• Surveillance and spot checks
• Sensitivity to behavior changes
• Enforcement, enforcement, enforcement

Complexity Complicates…
• Number of interfaces
  – Communications
  – Software
  – Platforms
• Number of players/organizations
• Vendor contracts/management
• Change testing/scheduling
• Capacity management
• Operational maintenance contracts/management

Wireless Implications
• PDA wireless devices may be a good answer to point-of-service PHI access
  – Small, portable: assists in viewing privacy
  – Some clinician familiarity
  – Easy to restrict access
• Challenges:
  – Biometric authentication; encryption; non-repudiation
  – Administration of access privileges in remote population
  – Potential routing complexity

Countermeasures
• Single Points of Failure in Delivery Chain:
  – Analysis and identification
  – Fault tolerance
  – Redundancy
• High-reliability infrastructure engineering and maintenance
• Respect of detailed technology methodology for change management: hardware and software
• “Sanity-checking” AI engines
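
Added example (not part of the original presentation): a small Python model of the "whole system" point and of the single-point-of-failure analysis listed under Countermeasures. Stage names follow the slides; the MTBF/MTTR figures and replica counts are constructed, and the formulas assume independent failures and steady-state availability MTBF / (MTBF + MTTR).

```python
from dataclasses import dataclass
from math import prod


@dataclass
class Stage:
    name: str          # link in the delivery chain (names follow the slides)
    mtbf_h: float      # mean time between failures, hours (constructed value)
    mttr_h: float      # mean time to repair, hours (constructed value)
    replicas: int = 1  # independent redundant instances of this stage

    def availability(self) -> float:
        unit = self.mtbf_h / (self.mtbf_h + self.mttr_h)
        # A redundant stage is down only when every replica is down at once.
        return 1 - (1 - unit) ** self.replicas


def chain_availability(chain):
    # Series chain: PHI is reachable only if every stage is up.
    return prod(s.availability() for s in chain)


def single_points_of_failure(chain):
    # Any stage with one instance takes the whole chain down when it fails.
    return [s.name for s in chain if s.replicas == 1]


def weakest_stage(chain):
    return min(chain, key=lambda s: s.availability()).name


def with_redundancy(chain, name, replicas):
    # Return a copy of the chain with one stage given more replicas.
    return [Stage(s.name, s.mtbf_h, s.mttr_h, replicas) if s.name == name else s
            for s in chain]


# Constructed sample chain; only the transmission stage starts out redundant.
CHAIN = [
    Stage("access device", 2000, 4),
    Stage("transmission", 5000, 2, replicas=2),
    Stage("infrastructure", 8000, 8),
    Stage("technology", 1000, 10),
]

if __name__ == "__main__":
    print(f"end-to-end availability: {chain_availability(CHAIN):.4f}")
    print("single points of failure:", single_points_of_failure(CHAIN))
    worst = weakest_stage(CHAIN)
    improved = with_redundancy(CHAIN, worst, 2)
    print(f"after duplicating {worst}: {chain_availability(improved):.4f}")
```

The end-to-end figure is always lower than that of the weakest stage, which is why the analysis has to cover the entire delivery chain rather than individual components.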