
Protecting our members, our company, and ourselves


1 A DBA's Guide to HIPAA
Protecting our members, our company, and ourselves

2 A little about me
@SQLServerNerd
Vice President
Event Chair
Forums Administrator
2 | 9/19/2018 | A DBA's Guide to HIPAA

3 What is HIPAA?
Health Insurance Portability and Accountability Act (1996)
Establishes requirements for working with protected information
Establishes a civil and criminal penalty structure for violations
The HITECH Act addresses computerized systems

4 What is protected
Names
Address
Social Security number
Family history
Telephone number
Fax number
Account numbers
Medical record number
Email address
Dates (birthday, admission/discharge)
Certificate/license numbers
Vehicle ID (license plate, serial #)
Personal assets
Device identifiers and serial numbers
Biometrics (finger or voice print)
Photographs
Geographic indicators (zip codes for areas with 20,000 or fewer people)
Any unique identifying number, code or characteristic

5 Why do our companies care?
Up to $1.5 million annual fine for each provision violated
Up to 10 years in prison
Loss of trust in the company with members and partners

6 Why do we as DBAs care?
Penalties can potentially be passed through to us
We can act as a line of defense
DBA = Default Blame Acceptor

7 DBA's Pillars of Compliance
Security
Compliance
Encryption
Auditing
Image by Jason Swearingen, licensed under Creative Commons

8 Security
Use AD groups when possible and plan out access based on need; review periodically
Consider temporary grants
Review developers' data access code
Avoid moving data across tiers
Separate any public-facing servers (web) as much as possible from direct SQL access
Linked servers can be a huge risk

9 Encryption
Encrypt your backups
Consider TDE or a third-party solution
All transmission of protected information needs to be encrypted
Encrypt at the cell level any data that exists outside your organization, in a public-facing DMZ for example

10 Auditing
You will be audited regularly
Audit access to key systems containing protected information, such as claims information and care management
Create queries ahead of time to make it easier to give your auditors what they want
Audit yourself
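The auditing practice on this slide, as an added T-SQL example that is not the presenter's own code: a SQL Server Audit covering the tables that hold claims and care-management data, followed by the query you would prepare ahead of time for auditors and a check of your own sysadmin membership. The audit name PHI_Access_Audit, the database ClaimsDB, the tables dbo.Claims and dbo.CareManagement, and the path D:\SQLAudit\ are assumptions.

```sql
-- Server-level audit target: a file location the DBA controls (assumed path).
USE master;
GO
CREATE SERVER AUDIT PHI_Access_Audit
    TO FILE (FILEPATH = N'D:\SQLAudit\', MAXSIZE = 256 MB, MAX_ROLLOVER_FILES = 50)
    -- FAIL_OPERATION blocks the audited action if the audit record cannot be
    -- written, so access to protected data never goes unrecorded.
    WITH (QUEUE_DELAY = 1000, ON_FAILURE = FAIL_OPERATION);
GO
ALTER SERVER AUDIT PHI_Access_Audit WITH (STATE = ON);
GO

-- Database-level specification: record every read and write of the tables
-- holding protected information (assumed table names), by any principal.
USE ClaimsDB;
GO
CREATE DATABASE AUDIT SPECIFICATION PHI_Claims_Access
    FOR SERVER AUDIT PHI_Access_Audit
    ADD (SELECT, INSERT, UPDATE, DELETE ON OBJECT::dbo.Claims BY public),
    ADD (SELECT, INSERT, UPDATE, DELETE ON OBJECT::dbo.CareManagement BY public)
    WITH (STATE = ON);
GO

-- Query written ahead of time for auditors: who touched the protected tables
-- in the last 30 days, what they ran, and whether it succeeded.
SELECT  event_time,            -- stored in UTC
        server_principal_name,
        database_name,
        object_name,
        action_id,             -- SL = SELECT, IN = INSERT, UP = UPDATE, DL = DELETE
        succeeded,
        statement
FROM    sys.fn_get_audit_file(N'D:\SQLAudit\PHI_Access_Audit_*.sqlaudit', DEFAULT, DEFAULT)
WHERE   event_time >= DATEADD(day, -30, SYSUTCDATETIME())
ORDER BY event_time DESC;

-- "Audit yourself": the audit file also captures sysadmin activity; list the
-- logins holding sysadmin so their rows above can be reviewed periodically.
SELECT  m.name AS login_name, m.type_desc, m.is_disabled
FROM    sys.server_role_members AS rm
JOIN    sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN    sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE   r.name = N'sysadmin';
```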

11 HIPAA in the cloud
A Business Associate (BA) agreement will likely be required; this will limit your options
Azure offers a BA agreement for some of its services but not others
You have an obligation to know where your data is at all times
