Presentation is loading. Please wait.

Presentation is loading. Please wait.

Component 9 – Networking and Health Information Exchange Unit 9-1 Privacy, Confidentiality, and Security Issues and Standards This material was developed.

Published byCharleen McLaughlin Modified over 8 years ago

Similar presentations

Presentation on theme: "Component 9 – Networking and Health Information Exchange Unit 9-1 Privacy, Confidentiality, and Security Issues and Standards This material was developed."— Presentation transcript:

1 Component 9 – Networking and Health Information Exchange Unit 9-1 Privacy, Confidentiality, and Security Issues and Standards This material was developed by Duke University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC000024.

2 2 Unit 9-1 Objectives Explain the concepts of privacy and confidentiality requirements and policies and learn how to implement the requirements Describe how to secure data storage and transmission using data encryption, signatures, validation, non-repudiation, and integrity (PKI, certificates, and security protocols) Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011

3 Security Defined The quality or state of being secure Freedom from danger Freedom from fear or anxiety Measures taken to guard against espionage or sabotage, crime, attack, or escape Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 3

4 Information Security Protecting information and information systems (including computers, computing devices and networks) from:  Unauthorized access  Unauthorized use  Unauthorized alterations  Unauthorized interruptions  Devastation Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 4

5 Key Security Concepts Confidentiality Integrity Availability Accountability Nonrepudiation Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 5

6 Confidentiality Confidentiality is making sure that only authorized individuals have access to information. It is also making sure that individuals with access keep the information private and do not share with others. There are Federal and State laws in place to protect patient confidentiality, and punish those who abuse confidentiality. Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 6

7 The Health Insurance Portability and Accountability Act (HIPPA) Protects health insurance coverage for workers and their families when they change or lose their jobs. Requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 7

8 HIPPA Continued Addresses the security and privacy of health data. Encourages the widespread use of electronic data interchange (EDI) in the U.S. health care system. Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 8

9 Integrity Integrity means that the data in a system is the same as the data from the original source. The data has not been altered or destroyed, intentionally or unintentionally. Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 9

10 Encryption Plaintext + Cipher = Ciphertext Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 10 Hi Tevin, Our meeting today will start at 2 pm. Don’t forget to bring the UNC file so we can go over it. Thanks, Michele Xsdi&9 SJiOih Jiouqn po,I(_f MLPada[p90= )09[;aclk 8cj[09ampoiJ Had98.,mafds af89J Jip235 + =

11 Example Cipher = Shift characters x amount to the y Plaintext = Hospital X= 3, y = right Ciphertext = KRVSLWDO X=4, y=left Ciphertext = DKOLEPWH Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 11

12 Types of Encryption Symmetric –Same key used to encrypt and decrypt –Shared key Asymmetric –One key used to encrypt and another key used to decrypt –Public key encryption Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 12

13 Hashes A number that is generated based on the data. If the data has been altered in any way then the hash will be different. Also called a message digest or simply a digest. Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 13

14 Availability Means that the system/data is available when needed Fault-tolerance Denial of service (DoS) Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 14

15 Accountability Accountability is the process of holding a person/entity responsible for his actions. System must Identify users Maintain audit trail of actions Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 15

16 Nonrepudiation Provides Proof –Origin Digital signatures Private keys (asymmetric encryption) –Delivery Return receipts Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 16

17 Public Key Infrastructure (PKI) Certificates –Also called digital or identity certificates –Public keys Certificate Authority (CA) Registration Authority (RA) Revocation –Certificate Revocation List (CRL) Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 17

18 Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 18

19 Component 9/Unit 9-1Health IT Workforce Curriculum Version 2.0/Spring 2011 19

Download ppt "Component 9 – Networking and Health Information Exchange Unit 9-1 Privacy, Confidentiality, and Security Issues and Standards This material was developed."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.

HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Confidentiality and Privacy Controls

Confidentiality and Privacy Controls
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
Public Key Infrastructure Ben Sangster February 23, 2006.

Public Key Infrastructure Ben Sangster February 23, 2006.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Technologies

Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Web services security I

Web services security I
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Similar presentations

Ads by Google