Presentation is loading. Please wait.

Presentation is loading. Please wait.

COMING TO THE HIPAA PARTY: TIPS FOR IT SUPERHEROES &

Published byVivian Charles Modified over 6 years ago

Similar presentations

Presentation on theme: "COMING TO THE HIPAA PARTY: TIPS FOR IT SUPERHEROES &"— Presentation transcript:

1 COMING TO THE HIPAA PARTY: TIPS FOR IT SUPERHEROES &
Schenck Price Smith & King, LLP COMING TO THE HIPAA PARTY: TIPS FOR IT SUPERHEROES & COMPLIANCE TO COEXIST Presented by: Deborah A. Cmielewski, Esq. March 2, 2016 © Schenck Price Smith & King, LLP

2 AGENDA Background: How did we get here? 2. The Security Rule C.F.R. § Where do we go from here?

3 SETTING THE STAGE “…all the major healthcare data breaches of 2015 … were the result of the actions of hackers.”

4 HUMAN ERROR RESULTED IN BREACHES
Loss of devices Equipment theft Unauthorized disclosures Improper disposal

5 RECENT ENFORCEMENT CONTINUES
Lahey Triple-S UWM Lincare

6

7

8 “REQUIRED” vs. “ADDRESSABLE” SPECIFICATIONS
Required means you must do it Addressable Reasonable and appropriate Must document decisions

9 45 C.F.R. § 164.308 Administrative Safeguards
The Security Rule is flexible and scalable

10

11 SECURITY MANAGEMENT PROCESS (45 C.F.R. § 164.308(a)(1)(ii))
- Sanction Policy (R): Apply appropriate sanctions for failure to comply - IS Activity Review (R): Regularly review records of IS activity

12 ID SECURITY OFFICIAL

13 WORKFORCE SECURITY (45 C.F.R. § 164.308(a)(3)(ii)
Authorization Supervision Workforce Clearance Termination Procedures

14 INFORMATION ACCESS MANAGEMENT (45 C.F.R. § 164.308(a)(4)(ii)
- Consistent with “minimum necessary” - Role-based access

15 SECURITY AWARENESS AND TRAINING 45 C.F.R. § 164.308(a)(5)
- Training must be effective - Often cited in regulatory actions

16

17 “Security Incident means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.”

18

19

20 OCR CYBER-AWARENESS INITIATIVE

21 QUESTIONS?

22 Serving Our Clients And Community For Over 100 Years www. spsk
Serving Our Clients And Community For Over 100 Years Deborah A. Cmielewski, Esq. (973)

Download ppt "COMING TO THE HIPAA PARTY: TIPS FOR IT SUPERHEROES &"

Similar presentations

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
The Department has declared itself to be a single covered entity. Thus, each and every one of our divisions is a covered entity and must comply with.

The Department has declared itself to be a single covered entity. Thus, each and every one of our divisions is a covered entity and must comply with.
Steps to Compliance: Managing Business Associates PRESENTED BY.

Steps to Compliance: Managing Business Associates PRESENTED BY.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Security NWOAHU Presented by Barb Gerken 11/12/2013.

HIPAA Security NWOAHU Presented by Barb Gerken 11/12/2013.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
Where to start Ben Burton, JD, MBA, RHIA, CHP, CHC.

Where to start Ben Burton, JD, MBA, RHIA, CHP, CHC.
HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
HIPAA Regulations What do you need to know?.

HIPAA Regulations What do you need to know?.
HIPAA Security Rule Overview and Compliance Program Presented by: Lennox Ramkissoon, CISSP The People’s Hospital HIPAA Security Manager The Hospital June.

HIPAA Security Rule Overview and Compliance Program Presented by: Lennox Ramkissoon, CISSP The People’s Hospital HIPAA Security Manager The Hospital June.
Privacy, Security and Compliance Concerns for Management and Boards November 15, 2013 Carolyn Heyman-Layne, Esq. 1.

Privacy, Security and Compliance Concerns for Management and Boards November 15, 2013 Carolyn Heyman-Layne, Esq. 1.
1 HIPAA Privacy & Security Overview Know HIPAA Presents.

1 HIPAA Privacy & Security Overview Know HIPAA Presents.
Health information security & compliance

Health information security & compliance
Welcome to UF We’re from the Privacy Office and we’re here to help you… HIPAA Orientation College of Nursing– Fall 2014 Cheryl Webber, MS, RHIA University.

Welcome to UF We’re from the Privacy Office and we’re here to help you… HIPAA Orientation College of Nursing– Fall 2014 Cheryl Webber, MS, RHIA University.
Karen D. Smith, Esq. Partner Bricker & Eckler LLP 100 S. Third Street Columbus, OH 43215 (614) 227-2313.

Karen D. Smith, Esq. Partner Bricker & Eckler LLP 100 S. Third Street Columbus, OH (614)
© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,

© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,
Mark S. Hayes – Blake, Cassels & Graydon LLP Privacy and Security – Some Observations Mark S. Hayes, Blake, Cassels & Graydon LLP 7th CACR Privacy and.

Mark S. Hayes – Blake, Cassels & Graydon LLP Privacy and Security – Some Observations Mark S. Hayes, Blake, Cassels & Graydon LLP 7th CACR Privacy and.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
1 HIPAA Security Overview Centers for Medicare & Medicaid Services (CMS)

1 HIPAA Security Overview Centers for Medicare & Medicaid Services (CMS)

Similar presentations

Ads by Google