Steps to Compliance: Electronic Devices Overview PRESENTED BY.

Presentation transcript:

Steps to Compliance: Electronic Devices Overview PRESENTED BY

Today's Presenter: Jason Karn, Director, Training and IT, Total HIPAA Compliance

Housekeeping
- This program is educational and does not constitute, and may not be construed as, legal advice to, or creating an attorney-client relationship with, any person or entity.
- The materials referenced here are subject to change, so frequent review of the source material is suggested.

What We’ll Cover
- Faxes
- Encrypting
- Data Encryption
- Password Protection
- Wi-Fi
- Website Security
- Cloud Storage
- Firewalls
- Virus Protection

Faxes
- Always use a cover sheet
- Secure the fax machine
- Notify parties before sending faxes
- Send a test fax before sending the actual document
- Make sure the fax machine isn’t saving any copies
- If possible, send information via a more secure method
- If you use an online fax program, a Business Associate Agreement is required

Faxes with PHI sent to the wrong parties are considered a breach and must be recorded and reported to HHS!

Encryption
- All PHI must be encrypted in transit, at rest, and in storage
- Review compliance plan
- 128-bit encryption or better
- Review for ease of use
- Business Associate Agreement is required with provider

Data Encryption

Windows
- BitLocker: Windows 7 Enterprise & Ultimate, Windows 8.1
- DiskCryptor: operating systems before Windows 7

Apple OS X
- FileVault 2: any OS X version

Make sure you store disk keys in a secure place!

Password Protection
- First line of defense
- Make sure all devices have difficult passwords
  - 8+ characters with numbers, upper and lower case letters, and special symbols
- Require password changes frequently, as described in your Policies and Procedures
- Make sure passwords are memorized, or use password management software

Wi-Fi
- Encrypt the network using WPA2 with Advanced Encryption Standard (AES)
- If you allow patients to access Wi-Fi, use a guest portal
- Do not use the factory-supplied password for the router
- Consider limiting router power so the network doesn’t reach beyond your practice

Website Security
- SSL/TLS License on site
- Force HTTPS on all pages to protect information
- Do not collect PHI through your website without proper protections
- BA Agreement with Web Host is required

Cloud Storage
- Review Cloud Storage Compliance Plan
  - What level of encryption do they use?
  - Do they have access controls on data?
  - Audit trails?
  - Where do you get backups in the event of a failure?
- Business Associate Agreement is required

Virus Protection - Things to Look For
- Scanning
- Download Protection
- Spyware and Malware Scans
- Speed
- Compatibility
- Privacy Policy
- Real-Time Information
- Heuristic Analysis
- Automatic Updates

HIPAA Resources

TotalHIPAA.com/resources
- Encryption
- Cloud Storage
- Firewalls
- Secure Texting
- File Sharing
- Form Collection
- Consultants
- HIPAA Breach Insurance

Special Thanks

Questions?