Presentation is loading. Please wait.

Presentation is loading. Please wait.

Office of the Chief Privacy Officer Update June 23, 2016 Lucia Savage, JD, Chief Privacy Officer, ONC.

Published byDaniella Weaver Modified over 8 years ago

Similar presentations

Presentation on theme: "Office of the Chief Privacy Officer Update June 23, 2016 Lucia Savage, JD, Chief Privacy Officer, ONC."— Presentation transcript:

1 Office of the Chief Privacy Officer Update June 23, 2016 Lucia Savage, JD, Chief Privacy Officer, ONC

2 ONC OCPO Update Security and Cybersecurity Next round of fact sheets: Sharing for Public Health purposes Clarifying about Opting in and Opting Out 2

3 Cyber Information Sharing Act of 2016 Internal Analysis and Reporting (b)(1)) Report.— (1) IN GENERAL.—Not later than 1 year after the date of enactment of this Act, the Secretary shall submit to the Committee on Health, Education, Labor, and Pensions of the Senate and the Committee on Energy and Commerce of the House of Representatives a report on the preparedness of the Department of Health and Human Services and health care industry stakeholders in responding to cybersecurity threats. Threat Sharing Task Force (c) Health Care Industry Cybersecurity Task Force.—(1) IN GENERAL.—Not later than 90 days after the date of the enactment of this Act, the Secretary, in consultation with the Director of the National Institute of Standards and Technology and the Secretary of Homeland Security, shall convene health care industry stakeholders, cybersecurity experts, and any Federal agencies or entities the Secretary determines appropriate to establish a task force to— Security Standards Task Force (d) Aligning Health Care Industry Security Approaches.—(1) IN GENERAL.— The Secretary shall establish, through a collaborative process with the Secretary of Homeland Security, health care industry stakeholders, the Director of the National Institute of Standards and Technology, and any Federal entity or non-Federal entity the Secretary determines appropriate, a common set of voluntary, consensus-based, and industry-led guidelines, best practices, methodologies, procedures, and processes that 3

4 Ethical Hacking According to Politico Cybersecurity May 12, 2016: »Defense Secretary Ash Carter said he was impressed by the "Hack the Pentagon" program, the first phase of which ends today. More than 1,400 hackers signed up for the bug bounty pilot initiative targeting Pentagon websites, with more than 80 bugs discovered that qualified for payouts so far. "All of this is helping us be more secure, at a fraction of the cost that exhaustively diagnosing ourselves would take," he said. "And we believe this approach, effectively crowd-sourcing cybersecurity, has great potential for us, as it does for a number of you around the table." ‘ If ethically hacking the Pentagon is helpful, how could this help security in the healthcare sector? Why does this not occur more? 4

5 Public Health Activities (sample) Example from 45 CFR 164.512(b) A covered entity may use or disclose protected health information for the public health activities and purposes described in this paragraph to »(i) A public health authority that is authorized by law to collect or receive such information for the purpose of preventing or controlling disease, injury, or disability, including, but not limited to, the reporting of disease, injury, vital events such as birth or death, and the conduct of public health surveillance, public health investigations, and public health interventions... »(iv) A person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading a disease or condition, if the covered entity or public health authority is authorized by law to notify such person as necessary in the conduct of a public health intervention or investigation; or 5

6 Basic Choice: When is Opting required by law and what are the implications of such a requirement? 6 New research is helpful: Downing, et al, “Health information exchange policies of 11 diverse health systems and the associated impact on volume of exchange” Journal of AMIA, June 17, 2016, http://jamia.oxfordjournals.org/conte nt/early/2016/06/14/jamia.ocw063 Objective: to examine the relationship between electronic exchange of patient health information across organizations and organizational HIE policy decisions. We focused on 2 key decisions: whether to automatically search for information from other organizations and whether to require HIE-specific patient consent.

Download ppt "Office of the Chief Privacy Officer Update June 23, 2016 Lucia Savage, JD, Chief Privacy Officer, ONC."

Similar presentations

MINISTRY OF HEALTH ACTION PLAN FOR THE PREVENTION AND CONTROL OF ANTHRAX Dr. Marion BullockDuCasse, SMO(H) Director, Emergency, Disaster Management and.

MINISTRY OF HEALTH ACTION PLAN FOR THE PREVENTION AND CONTROL OF ANTHRAX Dr. Marion BullockDuCasse, SMO(H) Director, Emergency, Disaster Management and.
The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,
Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)
Information Sharing and Cross-System Collaboration John Petrila, J.D., LL.M. Professor, University of South Florida

Information Sharing and Cross-System Collaboration John Petrila, J.D., LL.M. Professor, University of South Florida
TEXAS SOUTHERN UNIVERSITY INSTITUTIONAL ANIMAL CARE AND USE PROGRAM WORKSHOP OFFICE OF RESEARCH LINDA M. GARDINER, Ph.D. DIRECTOR RESEARCH ENHANCEMENT.

TEXAS SOUTHERN UNIVERSITY INSTITUTIONAL ANIMAL CARE AND USE PROGRAM WORKSHOP OFFICE OF RESEARCH LINDA M. GARDINER, Ph.D. DIRECTOR RESEARCH ENHANCEMENT.
Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.

Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.
Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.

Walking Through the Breach Notification Process - Beginning to End HIPAA COW Presentation and Panel April 8, 2011.
Your HIPAA rules Ben Burton, JD, MBA, RHIA, CHP, CHC Notice of Privacy Practices.

Your HIPAA rules Ben Burton, JD, MBA, RHIA, CHP, CHC Notice of Privacy Practices.
Informed Consent and HIPAA Tim Noe Coordinating Center.

Informed Consent and HIPAA Tim Noe Coordinating Center.
2012 Outlook for Federal Contractors Kevin Plexico Vice President, Federal Information Services Deltek, Inc. September 15, 2011.

2012 Outlook for Federal Contractors Kevin Plexico Vice President, Federal Information Services Deltek, Inc. September 15, 2011.
Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.

Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.
Technician Module 2 Unit 8 Slide 1 MODULE 2 UNIT 8 Prevention, Intelligence & Deterrence.

Technician Module 2 Unit 8 Slide 1 MODULE 2 UNIT 8 Prevention, Intelligence & Deterrence.
HIPAA The Privacy Rule 2003. Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law 104-191,

HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
1 Disclosures © HIPAA Pros 2002 All rights reserved.

1 Disclosures © HIPAA Pros 2002 All rights reserved.
National Center for Emerging and Zoonotic Infectious Diseases Centers for Disease Control June 14, 2011 : The Food Safety Modernization Act: Implications.

National Center for Emerging and Zoonotic Infectious Diseases Centers for Disease Control June 14, 2011 : The Food Safety Modernization Act: Implications.
Division of Emergency Management & Homeland Security Department of Emergency Services & Public Protection June 25, 2013 Connecticut All-Hazards Response.

Division of Emergency Management & Homeland Security Department of Emergency Services & Public Protection June 25, 2013 Connecticut All-Hazards Response.
Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.

Critical Infrastructure Protection Overview Building a safer, more secure, more resilient America The National Infrastructure Protection Plan, released.
ICU and Forensics. 1.Describe information which should be consistently communicated by healthcare providers for those patients thought to be injured due.

ICU and Forensics. 1.Describe information which should be consistently communicated by healthcare providers for those patients thought to be injured due.
“What’s Ethics Got To Do With It” Presentation to the Canberra Evaluation Forum Gary Kent Head Governance Australian Institute of Health and Welfare.

“What’s Ethics Got To Do With It” Presentation to the Canberra Evaluation Forum Gary Kent Head Governance Australian Institute of Health and Welfare.
Crosswalk of Public Health Accreditation and the Public Health Code of Ethics Highlighted items relate to the Water Supply case studied discussed in the.

Crosswalk of Public Health Accreditation and the Public Health Code of Ethics Highlighted items relate to the Water Supply case studied discussed in the.

Similar presentations

Ads by Google