Presentation is loading. Please wait.

Presentation is loading. Please wait.

February 3, 2009 Bridging Academic and Medical Cultures Academic Research Systems and HIPAA William K. Barnett Anurag Shankar.

Published byArleen Porter Modified over 8 years ago

Similar presentations

Presentation on theme: "February 3, 2009 Bridging Academic and Medical Cultures Academic Research Systems and HIPAA William K. Barnett Anurag Shankar."— Presentation transcript:

1 February 3, 2009 Bridging Academic and Medical Cultures Academic Research Systems and HIPAA William K. Barnett Anurag Shankar

2 Agenda IU, IU Bloomington, and IU School of Medicine Academic and Medical Research Cultures IU Organization for Information Assurance Strategic Positioning and Execution October 1, 2016Customize footer: View menu/Header and Footer

3 October 1, 2016Customize footer: View menu/Header and Footer 50

4 Research Need Conflicts @ IU October 1, 2016Customize footer: View menu/Header and Footer Academic Researcher Needs Control Sensitive Control Sensitive Schedule Insensitive Schedule Insensitive Security Insensitive Security Insensitive No Subject Privacy Concerns No Subject Privacy Concerns Expert Users Expert Users Budget Sensitive Budget Sensitive Medical School Researcher Needs Control Sensitive (but different) Control Sensitive (but different) Schedule Sensitive Schedule Sensitive Security Sensitive Security Sensitive Subject Privacy Concerns Subject Privacy Concerns Inexpert Users Inexpert Users Budget Insensitive Budget Insensitive

5 Research Need Synergies @ IU Rapidly Growing Data Increasing use of Computational Approaches Security Threat Increases Growth of Online Tools Local to National Collaborations October 1, 2016Customize footer: View menu/Header and Footer Academic Researcher Needs Medical School Researcher Needs

6 Unique IT Organization at IU University Information Technology Service (UITS) provides services for all 8 IU campuses Information Assurance is managed by UITS, reports to Board of Trustees Center for Applied Cybersecurity Research (CACR) a leader in privacy policy research Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) leadership at IU Office of Research Administration NOW covers both IU Bloomington and IU Medical School campuses – IRB and Compliance October 1, 2016Customize footer: View menu/Header and Footer

7 UITS at IU Office of the VP of IT and CIO at Indiana University Research Technologies (RT) Learning Technologies Support Enterprise Software Enterprise Infrastructure Networks School of Medicine CIO October 1, 2016Customize footer: View menu/Header and Footer

8 Research Technologies (RT) at IU High Performance Systems Big Red (30.7 TeraFLOPS) Quarry (7 TeraFLOPS) Research File System with 500 TB Mass Store archive with 4 PB (4,000 TB) High Speed Parallel Storage with 1 PB Advanced Visualization Laboratories High Performance Applications and Grids Life Sciences, including IUSM Advanced IT Core October 1, 2016Customize footer: View menu/Header and Footer

9 What are the HIPAA Rules? Privacy Rule Policies and standards for protected health information (PHI) For ‘covered entities’ (those who manage PHI) Security Rule Security of PHI in electronic form (ePHI) Transactional Rule Electronic billing and electronic claims October 1, 2016Customize footer: View menu/Header and Footer

10 What is the HIPAA Security Rule? It Does Deal with electronic protected health information (ePHI) In databases, files, compute systems, in transit Represent a real legal and trust threat It is NOT A standard (but NIST 800-53 is) It cannot be complied with It is not certifiable It IS Auditable by CMS (Health and Human Svcs) October 1, 2016Customize footer: View menu/Header and Footer

11 Strategic Positioning for HIPAA Establish Information Protection for Privacy and Security (IPPS) oversight Committee and Review Process Office of Research Administration, Compliance Office IUSM CIO IUSM Faculty IU Information Assurance (Policy and Implementation) UITS Enterprise Infrastructure Director of High Performance Systems, Research Technologies October 1, 2016Customize footer: View menu/Header and Footer

12 IPPS Committee Role Review Progress Provide Advice Act as Advocate with Medical Researchers Provide Signoff on ability to handle ePHI October 1, 2016Customize footer: View menu/Header and Footer IPPS Committee Goals Prevent violation of patient privacy Prevent loss of customer trust

13 Implementation Process 1.Establish RT Implementation Group 2.Outside Consultant for Gap Analysis 3.Establish Controls and fill gaps with RT-wide team 4.Outside Consultant for Risk Analysis (required) 5.90% of work was documenting controls 6.Establish ongoing Risk Management Plan 7.Change the way RT does business, including biannual review 8.Education and tools for Medical and Academic Researchers October 1, 2016Customize footer: View menu/Header and Footer

14 Questions? Bill Barnett, Indiana University, barnettw@iu.edubarnettw@iu.edu Anurag Shankar, Indiana University, ashankar@iu.eduashankar@iu.edu October 1, 2016Customize footer: View menu/Header and Footer Thank you!

Download ppt "February 3, 2009 Bridging Academic and Medical Cultures Academic Research Systems and HIPAA William K. Barnett Anurag Shankar."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
A Guide to Compliant Data Management

A Guide to Compliant Data Management
1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.

1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
Presents: Weekly HIPAA Teleconference Revised 10-16-02.

Presents: Weekly HIPAA Teleconference Revised
ICN PresentationHIPAA Compliance Training February 5, 2003 Presented by the State of Iowa Enterprise HIPAA Compliance Project Office and.

ICN PresentationHIPAA Compliance Training February 5, 2003 Presented by the State of Iowa Enterprise HIPAA Compliance Project Office and.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Randy Benson RHQN Executive Director May, 2012. Compliance Issues During Survey Compliance Officers monitor healthcare facilities (hospitals and clinics)

Randy Benson RHQN Executive Director May, Compliance Issues During Survey Compliance Officers monitor healthcare facilities (hospitals and clinics)
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.

CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
Bill Barnett, Bob Flynn & Anurag Shankar Pervasive Technology Institute and University Information Technology Services, Indiana University CASC. September.

Bill Barnett, Bob Flynn & Anurag Shankar Pervasive Technology Institute and University Information Technology Services, Indiana University CASC. September.
August 9, 2005UCCSC Converting Policy to Reality Building Campus Security Programs Karl Heins -- Director of IT Audit Services Office of the University.

August 9, 2005UCCSC Converting Policy to Reality Building Campus Security Programs Karl Heins -- Director of IT Audit Services Office of the University.
University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.

University of Guelph IT Security Policy Doug Blain Manager, IT Security ISC, April 27th.
Steps to Compliance: Electronic Devices Overview PRESENTED BY.

Steps to Compliance: Electronic Devices Overview PRESENTED BY.
Steps to Compliance: Risk Assessment PRESENTED BY.

Steps to Compliance: Risk Assessment PRESENTED BY.
Living with HIPAA: Compendium of Next steps from Rural Hospitals to Large Health Systems to Physician Practices Presented by HIPAA Pros 5th Annual HIPAA.

Living with HIPAA: Compendium of Next steps from Rural Hospitals to Large Health Systems to Physician Practices Presented by HIPAA Pros 5th Annual HIPAA.
2002 Quality Report Presented to the Board of Trustees March 2003.

2002 Quality Report Presented to the Board of Trustees March 2003.
| Establishing a Contingency Plan.

| Establishing a Contingency Plan.

Similar presentations

Ads by Google