Internet2 Health Sciences Security Jere Retzer, OHSU March 7, 2001.

Slides:



Advertisements
Similar presentations
National HIT Agenda and HIE John W. Loonsk, M.D. Director of Interoperability and Standards Office of the National Coordinator Department of Health.
Advertisements

1 Healthcare Informatics Landscapes, Roadmaps, and Blueprints: Towards a Business Case Strategy for Large Scale Ontology Projects Intergovernmental Health.
NISTs Role in Securing Health Information AMA-IEEE Medical Technology Conference on Individualized Healthcare Kevin Stine, Information Security Specialist.
Legal Work Group Developing a Uniform EHR/HIE Patient Consent Form.
Institute of Medicine Report:
THE IOM / RWJF INITIATIVE ON THE FUTURE OF NURSING REPORT: What Does it Mean for Nursing and Michigan 2010 MONE Conference Michael R. Bleich, PhD, RN,
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
Presents: Weekly HIPAA Teleconference Revised
NAU HIPAA Awareness Training
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
ITEC 6324 Health Insurance Portability and Accountability (HIPAA) Act of 1996 Instructor: Dr. E. Crowley Name: Victor Wong Date: 2 Sept
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
Building a Foundation for Greater Health Access. The Missouri Action Coalition is supported by the AARP Future of Nursing Campaign for Action and the.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Introduction to Health Care Information
Workshop on High Confidence Medical Device Software and Systems (HCMDSS) Research & Roadmap June 2-3, 2005 Philadelphia, PA. Manufacturer/Care-Giver Perspective.
Page 1 Issues in and perspectives on electronic authentication of health professionals Pascal POITEVIN Marketing and Communication manager GIP-CPS e-Health.
Maple Valley MultiCare Clinic Level III NCQA Certified Patient Centered Medical Home.
Training Adult Learners to Use EMR Technology Ruth Bowen Susan Thomas.
Enabling a Medical Home With a Patient Communication Strategy Jeanette Christopher Northwest Primary Care Group, P.C.
Copyright © 2005 Thomson Delmar Learning. ALL RIGHTS RESERVED.1 This product was funded by a grant awarded under the President’s Community-Based Job Training.
HIPAA PRIVACY AND SECURITY AWARENESS.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
Exam 1 Review MIS 4243.
Company LOGO Data Privacy HIPAA Training. Progress Diagram Function in accordance Apply your knowledge Learn the Basics Orientation Evaluation Training.
ConnectMe Authority Strategic Plan May Broadband Strategy – Healthcare For the healthcare industry: The Authority will work with decision makers.
MaceMed and Related Activities Rob Carter Duke University 12 January 2001.
 C HAPTERS 14 & 15 Code Blue Health Science Edition 4.
Chapter 2 Standards for Electronic Health Records McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved.
Security of the Distributed Electronic Patient Record: A Case-Based Approach James G. Anderson, Ph.D. Purdue University.
Internet2 Health Sciences: Leadership Team Report Mary Kratz Chair, Internet2 Health Sciences Working Group Internet2 Spring 2001 Member Meeting March.
National Institute of Standards and Technology Technology Administration U.S. Department of Commerce NIST/ATP Initiatives in Telehealth Richard N. Spivack,
State HIE Program Chris Muir Program Manager for Western/Mid-western States.
PKI Forum Business Panel March 6, 2000 Dr. Ray Wagner Sr. Director, Technology Research.
Eliza de Guzman HTM 520 Health Information Exchange.
Outcomes Methods RRC-Internal Medicine Educational Innovations Project: Clinical Quality Improvement and Patient Safety- Deliverables to Healthcare from.
Seeking a National Standard for Security: Developing a Systematic Crosswalk of the Final HIPAA Security Rule, the NIST SP , NIST SP Security.
Medical Manager Unit 9 ICBS 170. Medical Manager Electronic Data Interchange (EDI)  Ability to request, receive, transfer and integrate information electronically.
One Academic Medical Center’s Response to HIPAA David McKelvey DUHS January 12, 2001.
10/29/2000 Internet2 Health Sciences Security Working Group Planning Jere Retzer,
HIT FINAL EXAM REVIEW HI120.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 5 Personal Health Records Electronic Health Records for Allied.
The U. S. Health Care System Challenges, Opportunities and Solutions Fifth National HIPAA Summit Clinical Data Standards and the Creation of an Interconnected,
State Alliance for e-Health Michelle Lim Warner, MPH Senior Policy Analyst NGA Center for Best Practices
MedMid Working Group Steve Olshansky, Internet2 28 October 2002 Medical Middleware.
Nursing My specific job My specific job is a RN coordinator.
The Electronic Personal Health Record (ePHR) Beth Friedmann CS Spring 2007.
HELWAN UNIVERSITY Faculty of engineering Biomedical department Hospitals Organization and administrative structure :Presented by : Sara Mousa Ismail Dr\Mohammed.
The Health Insurance Portability and Accountability Act of 1996 “HIPAA” Public Law
Comparative Effectiveness Research (CER) and Patient- Centered Outcomes Research (PCOR) Presentation Developed for the Academy of Managed Care Pharmacy.
Denise Chrysler, JD Director, Mid-States Region
Educause/Internet 2 Computer and Network Security Task Force
Presentation Developed for the Academy of Managed Care Pharmacy
Corporate Overview CPSI Founded 1979 Executive Office - Mobile, AL.
Solutions to promote science and technology activity of young lecturers in the context of internationalization Dr. Nguyen Van Tam
Health Information Exchange: Alaska’s Health Pipeline
Commonwealth of Virginia Health Information Technology
Presentation Developed for the Academy of Managed Care Pharmacy
HIMSS National Conference New Orleans Convention Center
Clinical and Translational Science Awards Program
Rationale and related efforts Brief Progress Report
Lesson 1: Introduction to HIPAA
Auditing Compliance with the Privacy Rule
Privacy in Nationwide Health IT
Patient Safety Institute
ONC Update for HITSP Board
SAMPLE ONLY Dominion Health Center: Excellence in Medicaid Managed Care (or another defining message) Dominion Health Center is a community health center.
SAMPLE ONLY Dominion Health Center: Your Community Healthcare Home (or another defining message) Dominion Health Center is a community health center.
Health Information Exchange for Eligible Clinicians 2019
Presentation Developed for the Academy of Managed Care Pharmacy
Presentation transcript:

Internet2 Health Sciences Security Jere Retzer, OHSU March 7, 2001

2 Security Initiatives Topics to be discussed HIPAA raising awareness of security and privacy as an important issue MACEmed collaboration Potential Med-CERT Secure operating systems Priority Tasks

3 HIPAA GASP workshops developing best practices recommendations Do we need to complement this with I2 Resources/expertise? How does this fit with the I2 mission? Funding?

4 MACEmed Collaboration Bulk of MACEmed related to secure inter- institutional access: Identification, Directories, PKI, Shibboleth (authentication and authorization) Develop scenarios/templates for inter- institutional access to be used in with Shibboleth, directories (examples follow): worthwhile effort? Group to refine? PKI Co-laboratories

5 Inter-Institutional Access Scenarios 1.Visiting physician/nurse/other licensed caregiver: [caregiver type] with a valid certificate issued by the [credential authority certificate] (state medical association for example) either locally certified by [office signature] or else employed by [entity certificate] is authorized patient information for patients assigned to [clinic name(s), inpatient, nursing unit, or physician] and authorized access to the following network resources [public drives, Internet, printers within [group name]] 2.Resident with valid certificate issued by [office managing residents] is authorized general patient information for patients assigned to [clinic name(s), inpatient, nursing unit, or physician] and authorized access to the following network resources [assigned drive, department [name] drive, public drives, Internet, printers within [general or group name], ]

6 Inter-Institutional Access Scenarios State health department with valid certificate issued by [self or federal PKI?] authorized access to information of the following types: [public health, immunization, state health insurance claims] 4.Health insurance companies with valid certificate issued by [state health dept or federal PKI?] authorized access to information required to process insurance claims against [company name] for [policy holders with current policy] 5.Employees assigned to the group [admitting certificate] are authorized access to the following information for inpatients [assigned room, anticipated discharge date] and to the following nonpatient services [list names, for example time and attendance, purchasing] and to [general network resources]

7 Inter-Institutional Access Scenarios Employees assigned to the group [laboratory name certificate] are authorized access to [lab name schedule, lab name results] to the following nonpatient services [list names, for example time and attendance, purchasing] and to [general network resources] 7.Employees assigned to the group [physician or nurse certificate] are authorized access patient information for patients assigned to [general, clinic name(s), inpatient, nursing unit, or physician] and to the following nonpatient services [list names, for example time and attendance, purchasing] and to [general network resources] 8.Employees assigned to the group [non caregiver] are authorized access to the following nonpatient services [list names, for example time and attendance, purchasing] and to [general network resources]

8 PKI Co-laboratories Healthkey discussion What are the issues, desired outcomes from an Internet2 perspective? How should Internet2 participate?

9 Potential Med-CERT National Research Council For the Record: Protecting Electronic Health Information, National Academy Press 1997, ISBN ISBN recommendation 2.2: “Congress should provide initial funding for the establishment of an organization for the health care industry to promote greater sharing of information about security threats, incidents, and solutions throughout the industry” Med-CERT would (1) acquire reports of incidents; (2) define best practices; (3) recommend standards; (4) define needed research; (5) liaise between health care and computer security; Should this be a priority for Internet2 and Academic Medical Centers, particularly in light of efforts needed to implement HIPAA?

10 Secure Operating Systems I2 Health Sciences Security Roadmap includes an item for secure operating systems to overcome deficiencies of the current complex, insecure clients Recent discussion of open source health care software for mobile providers may be one avenue to tackle this need

11 Priority Tasks What should be our priority efforts? What resources can we bring to the table and how can we expand our effort? Which of these items do members of the leadership team want to take for action?

12 TM

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.