HIPAA Security.

Slides:

Advertisements

Similar presentations

Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, IT Security, East Carolina University.

Advertisements

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

Jeopardy $100 Access Controls Faxing My Workstation Pot Luck $200 $300 $400 $500 $400 $300 $200 $100 $500 $400 $300 $200 $100 $500 $400 $300 $200.

HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.

Maintaining Security While Using Computers What all of Our Computer Users Need to Know.

K eep I t C onfidential Prepared by: Security Architecture Collaboration Team.

Privacy and Information Security Training ( ) VUMC Privacy Website

Hipaa privacy and Security

System Security & Patient Confidentiality General Lesson 1.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

Page 1 of 16 DMC HIPAA Privacy and Security DMC’S COMMITMENT TO COMPLIANCE: HIPAA PRIVACY and SECURITY DMC Corporate Audit and Compliance Department Detroit.

HIPAA Security Training 2005

HIPAA Health Insurance Portability and Accountability Act.

NAU HIPAA Awareness Training

Health Insurance Portability & Accountability Act “HIPAA” To every patient, every time, we will provide the care that we would want for our own loved ones.

1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

July 11 - September FFIEC Central Data Repository Bank Enrollment.

Locking the Backdoor: Computer Security and Medical Office Practice Dr. Maury Pinsk, FRCPC University of Alberta Division of Pediatric Nephrology.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

10 Essential Security Measures PA Turnpike Commission.

Security and Confidentiality Practices - Houston Dept. of Health and Human Services Jerald Harms, MPH, CART and Jeff Meyer, MD, MPH HIV/AIDS Surveillance.

HIPAA Privacy & Security EVMS Health Services 2004 Training.

New Data Regulation Law 201 CMR TJX Video.

The Office Procedures and Technology

-Target -Home Depot -Jimmy John’s “No one wants their personal information or sensitive data in the wrong hands”

HIPAA Privacy & Security Kay Carolin Barbara Ann Karmanos Cancer Center March 2009.

Introduction to Information and Computer Science Security Lecture b This material (Comp4_Unit8b) was developed by Oregon Health and Science University,

HIPAA PRIVACY AND SECURITY AWARENESS.

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

Next ETCH Confidentiality and HIPAA Annual Review What you need to know. The Privacy Rule 1.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Standard Operating Procedures Joe Wherton Queen Mary University of London

Information Services Overview An introduction to DePaul’s technology especially for new employees.

HIPAA (health insurance portability and accountability act)

University Health Care Computer Systems Fellows, Residents, & Interns.

INFORMATION SECURITY WHAT IS IT? Information Security The protection of Information Systems against unauthorized access to or modification of information,

Group 3 Angela, Rachael, Misty, Kayelee, and Krysta.

Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,

Lesson 9-Information Security Best Practices. Overview Understanding administrative security. Security project plans. Understanding technical security.

HIPAA BASIC TRAINING Presented by Anderson Health Information Systems, Inc.

HIPAA BASIC TRAINING MODULE 1C – Overview (For staff who do not generally create Protected Health Information) Anderson Health Information Systems, Inc.

Information Security Training for People who Supervise Computer Users.

Using Internet Explorer go to driversalert.com Employees who operate vehicles on department business should use the following instructions to access and.

Working with HIT Systems Unit 7a Protecting Privacy, Security, and Confidentiality in HIT Systems This material was developed by Johns Hopkins University,

Board of Directors – March 24, 2016 Denise Mannon, AHFI, CHPC Corporate Compliance Officer.

HIPAA Privacy What Every Staff Member Needs to Know.

Information Technology Nuts and Bolts Presented by Susana Ponte August 19, 2015.

Healthcare Careers II HIPAA-Overview for Healthcare Workers.

Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.

The Health Insurance Portability and Accountability Act

Protecting PHI & PII 12/30/2017 6:45 AM

East Carolina University

HIPAA Online Student Orientation

Protecting Client Confidentiality for Volunteers and Agency Staff

Chapter 3: IRS and FTC Data Security Rules

Move this to online module slides 11-56

HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT

County HIPAA Review All Rights Reserved 2002.

Lesson 1: Introduction to HIPAA

HIPAA & PHI TRAINING & AWARENESS

Data Security Awareness

Introduction to the PACS Security

Presentation transcript:

HIPAA Security

HIPAA Security Presentation Please review this presentation on HIPAA Security. When you are finished you will receive a sign-off sheet with instructions on returning it. If you have any questions, please contact Sheila Kline at 585-719-3160 or skline@depaul.org

Four Major Requirements Under HIPAA

1. Develop Administrative Procedures Write Policies & procedures related to security of our systems Implement a Disaster recovery plans

2. Ensure Physical Safeguards Keep Servers in a secure location Keep Offices and file cabinets locked

3. Implement Technical Security Services Control Access – who are the users & security levels Audit – who can access data & who did access data

4. Institute Technical Security Mechanisms User accounts and passwords Virus protection Firewalls Data transfer protocols, file encryption Secure, monitored servers (MIS department responsibilities)

What Are Electronic Files? Information stored on Computers Laptops PDA’s Floppies CD’s DVD’s Zip Disks Flash Drives Reasonable measures need to occur to keep these items secure. Laptops, CDs, DVD’s, Floppies and Flash drives need to be stored in a locked area if they contain PHI.

What can you do to help?

Employee Security Rules E-mail Do not use e-mail to communicate confidential information Depaul.org email is NOT secure AWARDS messaging is HIPPA Compliant FAX Transmissions Use cover sheet with the DePaul disclaimer Know who you are faxing Dial the correct number or use speed-dial when possible Verify receipt of fax Keep fax machines in private areas Conversations in public places Be aware of where you are and who can hear you

Employee Security Rules Be aware of who can hear your Voicemail messages or conversations on Speaker Phone Written Correspondence Keep confidential and secure Do not leave PHI out in the open on your desk Ensure that doors, desks and cabinets are locked If you do not have a locked area to keep PHI contact your supervisor Be aware of who can observe data you are entering or displayed on your monitor Do not leave confidential information on your computer screen Lock your computer before leaving your workspace for any length of time (ctrl+alt+delete)

Employee Security Rules Do not install or download any software on your computer All software on DePaul computers must be authorized by the MIS Dept. File transfer programs can create security loop holes Data Minor programs installed inadvertently while surfing the internet can search for data on your computer. Phones Do not use speaker phone when listening to voicemail when PHI could be discussed Be aware of who can hear speakerphone or conference call conversations.

Employee Security Rules Passwords Never give your passwords to another user Change often (every 3 months or sooner) Be creative when thinking of a password. do not store passwords near your computer. Never login and allow other staff to access databases under your user name and password. If a new staff person needs rights to a database – they need to contact the MIS Department. If a staff person does not have all the rights they need to complete their job in a database – they need to contact the MIS Department – not use another staff’s database credentials.

Click here to access the sign-off sheet. If you have any questions regarding HIPAA Security, please contact Sheila Kline 585-719-3160 or skline@depaul.org Click here to access the sign-off sheet.