Presentation is loading. Please wait.

Presentation is loading. Please wait.

One Academic Medical Center’s Response to HIPAA David McKelvey DUHS January 12, 2001.

Published byEllen Bruce Modified over 9 years ago

Similar presentations

Presentation on theme: "One Academic Medical Center’s Response to HIPAA David McKelvey DUHS January 12, 2001."— Presentation transcript:

1 One Academic Medical Center’s Response to HIPAA David McKelvey DUHS January 12, 2001

2 Education Goal: Learn the material. Regulations in the Federal Register Expert analyses / interpretations Conferences NCHICA HIPAA HealthKey WEDI conference INfoSec 2000 GG/healthcare symposium HIPAA National Summit in DC AMC HIPAA Workshop Awareness Orientation Identification Organization Technology Normalize Contacts

3 HIPAA security training sessions Goal: Introduce HIPAA to the organization and stimulate planning required to become compliant. 4 hours long Held approximately every 6 weeks Lecture style presentation Several hundred people have attended so far Awareness Orientation Identification Organization Technology Normalize Contacts

4 HIPAA first look meetings (Gap Analysis) Goals: Equip groups with information required to prepare HIPAA budget requests. Give snapshot to senior mgmt. 3-6 hours long Scheduled with individual groups In attendance management and IT people Deliverable is a spreadsheet filled out by the group Compliance level (L M H) Challenges, needs, success factors in becoming compliant ($ ET ST OC T O SL HSL SD) Opportunities while/in becoming compliant ($ ST O SL HSL TEAM STDS SD) Cost estimate to become compliant (L M H) Cost estimate to stay compliant (L M H) About 18 groups have participated so far

5 Awareness Orientation Identification Organization Technology Normalize Contacts Groups Goal: Organize people and activities required to bring the organization into HIPAA compliance. Changes to policy, procedures, and technology in equal measure is required. Executive committee Policy group Evaluation and monitoring committee Information security office Technical security guidance groups Oversight groups Managers

6 Awareness Orientation Identification Organization Technology Normalize Contacts Goal: Prototype, pilot, and implement technological solutions to HIPAA requirements best addressed by common or interoperable technological solutions. Firewall Public Key Infrastructure (PKI) Digital Signature Virtual Private Network (VPN) Wireless network access Anti-virus software Personal firewall PDA access Intrusion detection Security incident

7 Awareness Orientation Identification Organization Technology Normalize Contacts Goal: Participate in activities with representatives of other HCOs intended to define what is adequate, promote interoperable standards, and coordinate implementation. North Carolina Healthcare Information and Communications Alliance (NCHICA) Implementation Planning Task Force Data Security Workgroup Network Security and Interoperability Workgroup Transactions Workgroup Workgroup for Electronic Data Interchange (WEDI)

8 Awareness Orientation Identification Organization Technology Normalize Contacts David McKelvey:David.McKelvey@Duke.eduDavid.McKelvey@Duke.edu NCHICA:http://www.NCHICA.orghttp://www.NCHICA.org WEDI:http://www.WEDI.orghttp://www.WEDI.org

Download ppt "One Academic Medical Center’s Response to HIPAA David McKelvey DUHS January 12, 2001."

Similar presentations

Electronic Medical Records: Implications of HIPAA for Selecting and Implementing an EMR Todd Frech Senior Partner www.ociusmedinfo.com.

Electronic Medical Records: Implications of HIPAA for Selecting and Implementing an EMR Todd Frech Senior Partner
(Individuals with Disabilities Education Improvement Act) and

(Individuals with Disabilities Education Improvement Act) and
Program Management Office (PMO) Design

Program Management Office (PMO) Design
January 2011 National Alliance for Public Safety GIS Foundation Presentation to the Geospatial World Forum.

January 2011 National Alliance for Public Safety GIS Foundation Presentation to the Geospatial World Forum.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.

CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
Strengthening Institutions Programs Title III 2000 - 2005.

Strengthening Institutions Programs Title III
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Electronic Digital Computer Mechanic Apprentice Program Cultivating technical skills critical to current & future needs Preparing our workforce to support.

Electronic Digital Computer Mechanic Apprentice Program Cultivating technical skills critical to current & future needs Preparing our workforce to support.
BUMC Early Career Faculty Development Program Executive Summary Mentorship Task Force.

BUMC Early Career Faculty Development Program Executive Summary Mentorship Task Force.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.
Application Security Management Functional Project Manager (s) ERP Project Director ERP Campus Executive University & Campus Administration Security Policy.

Application Security Management Functional Project Manager (s) ERP Project Director ERP Campus Executive University & Campus Administration Security Policy.
Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.

Enterprise Security. Mark Bruhn, Assoc. VP, Indiana University Jack Suess, VP of IT, UMBC.
Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.
NORMA GOMEZ, MBA, MSN, RN, CNN Unique Challenges for the Nephrology Professional in Managing Change.

NORMA GOMEZ, MBA, MSN, RN, CNN Unique Challenges for the Nephrology Professional in Managing Change.
Community Information Technology Engagement (CITE): Program Overview

Community Information Technology Engagement (CITE): Program Overview
NASA PKI for PKI FORUM Presenters: Paul Ma, NASA-Ames Research Center

NASA PKI for PKI FORUM Presenters: Paul Ma, NASA-Ames Research Center

Similar presentations

Ads by Google