Presentation is loading. Please wait.

Presentation is loading. Please wait.

DATA PROTECTION IN THE AGO Christina Beusch Deputy Attorney General WA State Attorney General’s Office.

Published byMiranda Townsend Modified over 9 years ago

Similar presentations

Presentation on theme: "DATA PROTECTION IN THE AGO Christina Beusch Deputy Attorney General WA State Attorney General’s Office."— Presentation transcript:

1 DATA PROTECTION IN THE AGO Christina Beusch Deputy Attorney General WA State Attorney General’s Office

2 It’s Not Just Our Clients’ Problem! Paralegal: Where is that disk? Legal Assistant: Oops – Wrong email address! AAG: I need a USB flash drive to download documents to take to court. Investigator: My car was parked right in front of my house and the file was on the backseat. Manager: It’s just easier if I travel with these reports on my Kindle Reader.

3 Source of Privacy Obligations HIPAA/HITECH – AGO is a “business associate” State health information privacy laws, e.g. ch. 70.02 RCW State and federal personal information privacy laws e.g. RCW 42.56.590, Gramm- Leach-Bliley Act Attorney-Client and Work Product Privileges

4 Know Your Data Category 1 – Public Information Category 2 – Sensitive Information – not specifically protected but for official use only Category 3 – Confidential Information – privileged, personal/ personnel, security Category 4 – Confidential Information Requiring Special Handling – strict legal requirements and sanctions apply, e.g. health information, SSNs, personal financial info

5 Create a Data Protection Program Assemble office experts to advise management and empower them to do the job Have strong senior executive support Adopt specific and legally compliant policies, procedures, and business rules to govern how staff are required to protect data and address breaches Document data protection obligations in client MOUs and vendor contracts

6 Implement a Data Protection Program Can’t have protection without education Train new employees and existing employees at regular intervals and document training Create a culture of compliance, e.g. use strategic plans, staff meetings, CLEs, signage Keep up with technology – identify new ways data can be compromised and find new tools to safeguard data so staff can do business

7 A “Toolkit” IT Security Policy Mobile Device Policy HIPAA/HITECH Policy Breach Notification Protocol Division/Unit Business Rules Client MOU for HIPAA /HITECH Compliance Contract language for HIPAA /HITECH Compliance

Download ppt "DATA PROTECTION IN THE AGO Christina Beusch Deputy Attorney General WA State Attorney General’s Office."

Similar presentations

Electronic Medical Records: Implications of HIPAA for Selecting and Implementing an EMR Todd Frech Senior Partner www.ociusmedinfo.com.

Electronic Medical Records: Implications of HIPAA for Selecting and Implementing an EMR Todd Frech Senior Partner
Federal Law and Student Privacy and Federal Law and Health Care Privacy New Business Manager Training NMASBO.

Federal Law and Student Privacy and Federal Law and Health Care Privacy New Business Manager Training NMASBO.
2 1.Client protection principles 2.Principle #6 in practice 3.The client perspective 4.Participant feedback 5.Tools for improving practice 6.Conclusion.

2 1.Client protection principles 2.Principle #6 in practice 3.The client perspective 4.Participant feedback 5.Tools for improving practice 6.Conclusion.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
Hipaa privacy and Security

Hipaa privacy and Security
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA Implementation. Basic HIPAA Requirements Designating a Privacy Officer Notifying patients about their privacy rights and how their information can.

HIPAA Implementation. Basic HIPAA Requirements Designating a Privacy Officer Notifying patients about their privacy rights and how their information can.
Forming Your HIPAA Compliance Plan PRESENTED BY. Daniel B. Brown, Esq. Healthcare Attorney Taylor English Duma LLP Jason Karn Director Training and IT.

Forming Your HIPAA Compliance Plan PRESENTED BY. Daniel B. Brown, Esq. Healthcare Attorney Taylor English Duma LLP Jason Karn Director Training and IT.
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
HIPAA Regulations What do you need to know?.

HIPAA Regulations What do you need to know?.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
Privacy, Security, Confidentiality, and Legal Issues

Privacy, Security, Confidentiality, and Legal Issues
Springfield Technical Community College Security Awareness Training.

Springfield Technical Community College Security Awareness Training.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Allison Dolan Program Director, Protecting PII Handling Sensitive Data - WISP and PIRN.

Allison Dolan Program Director, Protecting PII Handling Sensitive Data - WISP and PIRN.
© Chery F. Kendrick & Kendrick Technical Services.

© Chery F. Kendrick & Kendrick Technical Services.
Steps to Compliance: Bring Your Own Device PRESENTED BY.

Steps to Compliance: Bring Your Own Device PRESENTED BY.
Legal Duties to LEP Health and Social Services Clients Jill Moore Institute of Government December 2004.

Legal Duties to LEP Health and Social Services Clients Jill Moore Institute of Government December 2004.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Session 3 – Information Security Policies

Session 3 – Information Security Policies

Similar presentations

Ads by Google