Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Legal Foundation TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

Published bySeth Burriss Modified over 10 years ago

Similar presentations

Presentation on theme: "The Legal Foundation TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office."— Presentation transcript:

1 The Legal Foundation TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office

2 The Legal Foundation TRICARE Management Activity HEALTH AFFAIRS

3 TRICARE Management Activity HEALTH AFFAIRS 3 The Legal Foundation Purpose The purpose of this presentation is to provide an overview of the laws that will be discussed during the Data Protection Seminar

4 TRICARE Management Activity HEALTH AFFAIRS 4 The Legal Foundation Objectives Upon completion of this presentation, you should be able to: State the purpose of each law, who it applies to, and what it protects Recognize that laws create standards and mandate compliance Identify how different laws relate to one another

5 TRICARE Management Activity HEALTH AFFAIRS 5 The Legal Foundation The Privacy Act Purpose: Balance the governments need to maintain information about individuals with the rights of individuals Restricts disclosure of personally identifiable records Grants individuals increased rights of access to records To whom it applies: Federal government agencies What it protects: Information about individuals held in systems of records Implementation standards: DoD 5400.11-R, DoD Privacy Program

6 TRICARE Management Activity HEALTH AFFAIRS 6 The Legal Foundation HIPAA Purpose: The Health Insurance Portability and Accountability Act (HIPAA) improves the efficiency and effectiveness of the health care system by standardizing the electronic exchange of administrative and financial data To whom it applies: Covered entities, including health plans, health care clearinghouses, and health care providers who transmit health information electronically in connection with certain transactions set forth in the regulations What it protects: Protected Health Information (PHI) Implementation standards DoD 6025.18-R, DoD Health Information Privacy Regulation DoD 8580.02-R, DoD Health Information Security Regulation

7 TRICARE Management Activity HEALTH AFFAIRS 7 The Legal Foundation FOIA Purpose: The Freedom of Information Act (FOIA) informs the public through responsible disclosure of information while appropriately protecting all interests To whom it applies: Federal government agencies What it protects: Individuals right to know what the government is doing Implementation standards DoD 5400.7-R, DoD Freedom of Information Act Program DoD Directive 5400.7, DoD Freedom of Information Act (FOIA) Program

8 TRICARE Management Activity HEALTH AFFAIRS 8 The Legal Foundation FISMA Purpose: The Federal Information Security Management Act (FISMA) provides a comprehensive framework for ensuring effectiveness of information security controls over information resources that support Federal operations and assets To whom it applies Federal government agencies information systems Information systems operated by contractors on behalf of federal agencies What it protects: Federal information systems and related resources

9 TRICARE Management Activity HEALTH AFFAIRS 9 The Legal Foundation FISMA (continued) Implementation Standards DoD FISMA Guidance 2008 DoD Directive 8500.1, Information Assurance DoD Instruction 8500.2, Information Assurance Implementation

10 TRICARE Management Activity HEALTH AFFAIRS 10 The Legal Foundation E-Government Act Purpose: Improve internet-based technology to make it easier for citizens and businesses to interact with the government To whom it applies: Federal government agencies What it protects: Personally Identifiable Information (PII) that agencies collect, maintain, or disseminate when developing or securing information technology Roadmap DoD FISMA Guidance 2008 DoD CIO Memorandum, DoD Privacy Impact Assessment (PIA) Guidance

11 TRICARE Management Activity HEALTH AFFAIRS 11 The Legal Foundation Paperwork Reduction Act Purpose Reduce the total amount of paperwork handled by the federal government and general public Maximize utility of information To whom it applies Federal government agencies Businesses, organizations, and individuals who do business with the federal government What it protects: Information created, collected, maintained, used, disseminated, or disposed Roadmap: DoD 8910.1-M, DoD Procedures for Management of Information Requirements

12 TRICARE Management Activity HEALTH AFFAIRS 12 The Legal Foundation Records Management Purpose: Supports the creation, maintenance and use, and disposition of records in order to document federal policies, operations, and transactions appropriately and economically To whom it applies: Government agencies, businesses and organizations who do business with the Federal Government What it protects: All information created, maintained, disseminated, or disposed of that documents the business transactions of the agency Implementation standards 36 CFR, Chapter 12 Administrative Instruction 15

13 TRICARE Management Activity HEALTH AFFAIRS 13 The Legal Foundation Integrating Different Laws Different laws with different purposes often govern at the same time Compliance with all applicable laws is required

14 TRICARE Management Activity HEALTH AFFAIRS 14 The Legal Foundation Summary You should now be able to: State the purpose of each law, who it applies to, and what it protects Recognize that laws create standards and mandate compliance Identify how different laws relate to one another

15 TRICARE Management Activity HEALTH AFFAIRS 15 The Legal Foundation Definitions Personally Identifiable Information (PII) Information which can be used to distinguish or trace an individuals identity Including name, social security number, date and place of birth, mothers maiden name, biometric records Any other personal information which is linked or linkable to a specified individual

16 TRICARE Management Activity HEALTH AFFAIRS 16 The Legal Foundation Definitions (continued) Protected Health Information (PHI) Individually identifiable health information Created, received, or maintained by a covered entity, including TMA Transmitted or maintained by electronic or any other form or medium, except as otherwise contained in employment records held by TMA in its role as an employer

17 TRICARE Management Activity HEALTH AFFAIRS 17 The Legal Foundation Resources DoD Regulation 5400.11-R, DoD Privacy Program, May 14, 2007 DoD Regulation 6025.18-R, DoD Health Information Privacy Regulation, January 2003 DoD Regulation 8580.02-R, DoD Health Information Security Regulation, July 12, 2007 DoD Directive 5400.7, DoD Freedom of Information (FOIA) Act Program, October 28, 2005 DoD Regulation 5400.7-R, DoD Freedom of Information Act Program, September 1998

18 TRICARE Management Activity HEALTH AFFAIRS 18 The Legal Foundation Resources (continued) DoD FISMA Guidance, May 2008 DoD Directive 8500.1, Information Assurance, October 24, 2002 DoD Instruction 8500.2, Information Assurance Implementation, February 6, 2003 DoD CIO Memorandum, DoD Privacy Impact Assessment (PIA) Guidance, October 28, 2005 DoD Manual 8910.1-M, DoD Procedures for Management of Information Requirements, June 30, 1998

19 TRICARE Management Activity HEALTH AFFAIRS 19 The Legal Foundation Resources (continued) The Privacy Act of 1974, Public Law 93-579, December 31, 1974 Health Insurance Portability and Accountability Act, Public Law 104-191, August 21, 1996 (HIPAA) Freedom of Information Act (FOIA), July 4, 1966 Federal Information Security Management Act (FISMA) of 2002 E-Government Act, Public Law 107-347, of 2002 Paperwork Reduction Act, Public Law 104-13, May 22, 1995 Office of Management and Budget Circular No. A-130, Management of Federal Information Resources, February 8, 1996

Download ppt "The Legal Foundation TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office."

Similar presentations

Department of Commerce Privacy Awareness

Department of Commerce Privacy Awareness
Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
H = P = A = HIPAA DEFINED HIPAA … A Federal Law Created in 1996 Health

H = P = A = HIPAA DEFINED HIPAA … A Federal Law Created in 1996 Health
June 27, 2005 Preparing your Implementation Plan.

June 27, 2005 Preparing your Implementation Plan.
Data Sharing In Accordance with HIPAA

Data Sharing In Accordance with HIPAA
0 Jumping through Two Hoops: the HIPAA Privacy Rule and State Law Compliance Issues Bruce Merlin Fried, Esq. The fifth National HIPAA Summit November 1,

0 Jumping through Two Hoops: the HIPAA Privacy Rule and State Law Compliance Issues Bruce Merlin Fried, Esq. The fifth National HIPAA Summit November 1,
Embedding Privacy in Federal Information Systems Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP MITRE Corp. Workshop.

"Embedding Privacy in Federal Information Systems" Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP MITRE Corp. Workshop.
© fedict 2008. All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.

© fedict All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.
Impact of the HIPAA Privacy Rule on Health Services Research Deborah Klein Walker (Abt) AcademyHealth Meeting, Seattle, June 25, 2006.

Impact of the HIPAA Privacy Rule on Health Services Research Deborah Klein Walker (Abt) AcademyHealth Meeting, Seattle, June 25, 2006.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
The HIPAA Privacy Rule And Its Impact On Agents And Employers National Association of Health Underwriters Capitol Conference March 23, 2003 Joseph T. Holahan,

The HIPAA Privacy Rule And Its Impact On Agents And Employers National Association of Health Underwriters Capitol Conference March 23, 2003 Joseph T. Holahan,
Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC 29406 843-576-1426 Health Insurance Portability.

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.
WHO Good Distribution Practices for Pharmaceutical Products

WHO Good Distribution Practices for Pharmaceutical Products
1 Targeted Case Management (TCM) Changes Iowa Medicaid Enterprise October 14, 2008.

1 Targeted Case Management (TCM) Changes Iowa Medicaid Enterprise October 14, 2008.
HIPAA AWARENESS TRAINING

HIPAA AWARENESS TRAINING
2009 Data Protection Seminar

2009 Data Protection Seminar
Privacy Impact Assessment Future Directions TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

Privacy Impact Assessment Future Directions TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.
Lessons Learned from Financial Management Reviews May 15, 2008 Bruce Robinson FTA Office of Research, Demonstration and Innovation.

Lessons Learned from Financial Management Reviews May 15, 2008 Bruce Robinson FTA Office of Research, Demonstration and Innovation.
The Family Educational Rights & Privacy Act (FERPA) & other statutes related to student information.

The Family Educational Rights & Privacy Act (FERPA) & other statutes related to student information.
Data Sharing Agreements TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

Data Sharing Agreements TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

Similar presentations

Ads by Google