Presentation is loading. Please wait.

Presentation is loading. Please wait.

Working with HIT Systems Unit 7a Protecting Privacy, Security, and Confidentiality in HIT Systems This material was developed by Johns Hopkins University,

Published byWendy Walton Modified over 8 years ago

Similar presentations

Presentation on theme: "Working with HIT Systems Unit 7a Protecting Privacy, Security, and Confidentiality in HIT Systems This material was developed by Johns Hopkins University,"— Presentation transcript:

1 Working with HIT Systems Unit 7a Protecting Privacy, Security, and Confidentiality in HIT Systems This material was developed by Johns Hopkins University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC000013.

2 Objectives By the end of this unit the student will be able to: Explain and illustrate privacy, security, and confidentiality in HIT settings. Identify common threats encountered when using HIT. Formulate strategies to minimize threats to privacy, security, and confidentiality in HIT systems. Component 7/Unit 72 Health IT Workforce Curriculum Version 2.0/Spring 2011

3 Electronic Health Information Risks and Opportunities Access to electronic vs. paper records Public apprehension around digitization of health information Success of HIT systems depends on ensuring patient privacy Security can facilitate patient-centered care Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 3

4 Privacy, Confidentiality, Security Defined Privacy: patient is in control Confidentiality: only authorized individuals are allowed access Security: controls/safeguards that ensure confidentiality Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 4

5 Security Management System Standards ISO 27001 NIST 800-53 HIPAA Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 5

6 HIPAA and PHI Health Insurance Portability and Accountability Act of 1996 Privacy Rule (effective 2003) Security Rule (effective 2005) HITECH Act of 2009 Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 6

7 Types of Security Safeguards Administrative Safeguards Physical Safeguards Technical Safeguards Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 7 Image: MS Clipart

8 Administrative Safeguards Security Management Process –Risk Analysis –Risk Management –Sanction Policy –System Activity Review Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 8 Image: http://www.hhs.gov

9 Administrative Safeguards Assigned Security Responsibility –Security officer Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 9 Image: MS Clipart

10 Administrative Safeguards Workforce Security, Information Access Management –Who can and who cannot have access –Who determines who can have access and how –Employee turnover –Contractors –User roles Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 10 Image: MS Clipart

11 Administrative Safeguards Security Awareness and Training –Training –Security reminders –Log-in monitoring –Password management Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 11 Image: MS Clipart

12 Administrative Safeguards Security Incident Procedures Contingency Plan –Data backup –Disaster recovery –Emergency operation plan Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 12 Image: MS Clipart

13 Administrative Safeguards Evaluation Business Associate Agreements Component 7/Unit 7 Health IT Workforce Curriculum Version 2.0/Spring 2011 13 Image: http://www.hhs.gov

Download ppt "Working with HIT Systems Unit 7a Protecting Privacy, Security, and Confidentiality in HIT Systems This material was developed by Johns Hopkins University,"

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.

© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.

CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
Security Controls – What Works

Security Controls – What Works
2 The Use of Health Information Technology in Physician Practices.

2 The Use of Health Information Technology in Physician Practices.
Informed Consent and HIPAA Tim Noe Coordinating Center.

Informed Consent and HIPAA Tim Noe Coordinating Center.
HIPAA PRIVACY AND SECURITY AWARENESS.

HIPAA PRIVACY AND SECURITY AWARENESS.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey 07458 All rights reserved. Health Information Technology and Management Richard.

Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved. Health Information Technology and Management Richard.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

Similar presentations

Ads by Google