Presentation is loading. Please wait.

Presentation is loading. Please wait.

LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.

Published byJessica Johns Modified over 9 years ago

Similar presentations

Presentation on theme: "LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think."— Presentation transcript:

1 LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think Tank: Securely Deploying Mobile Technologies & Services

2 The Health Insurance Portability and Accountability Act (HIPAA) is a national law that establishes standards for the privacy and security of protected health information (PHI) PHI includes any individually identifiable health information (health information that identifies a person and relates to his/her physical or mental health or condition) that is transmitted electronically Privacy: The requirement to protect ALL forms of Protected Health Information (PHI) Security: Applies to ELECTRONIC forms of PHI and includes directives regarding physical and technical security measures. 2 HIPAA

3 HIPAA Security Regulations The security regulations are a set of standards that provide directives on how to protect electronic protected health information (ePHI) The security regulation includes physical safeguards administrative safeguards, technical safeguards, organizational requirements and policies & procedures Information Security refers to all the protections in place to ensure that electronic PHI is (1) kept confidential, (2) not improperly altered or destroyed, and (3) is readily accessible to authorized individuals “Confidentiality-Integrity-Availability” Examples of Security Protections Include: Hardware & Software ProtectionsPersonnel Policies Physical Security AwarenessInformation Practices Disaster PreparednessOversight Of All These Areas

4 HITECH ACT HEALTH INFORMATION TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT (HITECH)-Title 13 Contained within the American Recovery and Reinvestment Act of 2009 (ARRA) “The Stimulus Bill” Signed into law February 17, 2009 (most changes effective in 2010) Subtitle D: Privacy (Expanded scope of HIPAA privacy and security laws) Increased penalties for violating privacy and security laws-includes criminal provisions which apply to any person, including employees, and it creates a State’s right of action for Attorney General(s) Impact on Covered Entities and Business Associates Mandatory Breach Notification Heightened Enforcement Scheme New rules for Accounting of Disclosures

5 Privacy and Security Checklist 1. Have you formally designated people or positions as your organization’s privacy and security officers? 2. Do you have documented privacy and information security policies and procedures? 3. Have they been reviewed and updated, where appropriate, in the last six months? 4. Have the privacy and information security policies and procedures been communicated to all personnel, and made available for them to review at any time? 5. Do you provide regular training and ongoing awareness communications for information security and privacy for all your workers? 6. Have you done a formal information security risk assessment in the last 12 months? 7. Do you regularly make backups of business information, and have documented disaster recovery and business continuity plans? 8. Do you require all types of sensitive information, including personal information and health information, to be encrypted when it is sent through public networks and when it is stored on mobile computers and mobile storage devices? 9. Do you require information, in all forms, to be disposed of using secure methods? 10. Do you have a documented breach response and notification plan, and a team to support the plan? 5

6 INTERACTIVE THINK TANK….

7 OPERATIONAL IMPACT IT Infrastructure Service Lines Strategic Objectives Financial Analysis

8 DUE DILIGENCE Board Approval Market Analysis Value –Will they use it for it’s purpose –What mobile applications do we have? BYOD Outsource vs. Internal Support

9 SECURITY What steps has your organization taken to assess security in establishing a mobility platform? –Regulatory –Management –Risk

10 PRIVACY What processes has your organization implemented to enforce privacy practices and how will those transition or integrate into a mobility platform? –Regulatory –Policies –Access

11 INTEROPERABILITY Has your company conducted research to establish what solutions are available to successfully deliver applications and/or data of value to a mobile platform? –Build vs. Buy –Connectivity

12 WORKFLOW CONCERNS Has your company reviewed existing workflow and resources to understand the benefits and value of mobility? –Internal Communications –Confidential / Patient Information –Physicians

13 CHALLENGES Deployment Repairs Support Standardization of Policies Adaptation User Autonomy / Physician Control Reporting Capabilities Innovation

Download ppt "LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
H = P = A = HIPAA DEFINED HIPAA … A Federal Law Created in 1996 Health

H = P = A = HIPAA DEFINED HIPAA … A Federal Law Created in 1996 Health
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
Hipaa privacy and Security

Hipaa privacy and Security
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.

HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
HIPAA Basics November 1, 2014.

HIPAA Basics November 1, 2014.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.

HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
HIPAA What’s New? 2010. What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.

HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
HIPAA Health Insurance Portability and Accountability Act.

HIPAA Health Insurance Portability and Accountability Act.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
Corporate Compliance Program STANDARDS OF CONDUCT HIPAA PRIVACY & SECURITY Temple University Health System Maribel Valentin, Esquire Associate Counsel.

Corporate Compliance Program STANDARDS OF CONDUCT HIPAA PRIVACY & SECURITY Temple University Health System Maribel Valentin, Esquire Associate Counsel.
CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.

CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.
HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

Similar presentations

Ads by Google