Tom Furlani, Center for Computational Research University at Buffalo, October 15, 2015 Coexisting with Protected Health Information at CCR.

Slides:

Advertisements

Similar presentations

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Advertisements

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

1 Chapter 11: Data Centre Administration Objectives Data Centre Structure Data Centre Structure Data Centre Administration Data Centre Administration Data.

MUNIS Platform Migration Project WELCOME. Agenda Introductions Tyler Cloud Overview Munis New Features Questions.

Risk Assessment Robert Morris VP Business Services Ion IT Group, Inc

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:

SAN DIEGO SUPERCOMPUTER CENTER Emerging HIPAA and Protected Data Requirements for Research Computing at SDSC Ron Hawkins Director of Industry Relations.

Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,

Randy Benson RHQN Executive Director May, Compliance Issues During Survey Compliance Officers monitor healthcare facilities (hospitals and clinics)

Tom Lewis Director, Academic & Collaborative Applications University of Washington.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

Dell Compellent and SafeNet KeySecure

The Cable Guys Inc. Drew Leach Tom McLoughlin Philip Mauldin Bill Smith.

HealthNet connect Telehealth

Maine Cyber Security Cluster. WHO WE ARE… University of Southern Maine and the Maine System State and Local Government Business and Industry National.

AFCOM Facility Presentation Directlink Technologies Corp. April 8, 2011.

Informatics And The New Healthcare System Information Technology Will Provide the Platform for Quality Improvement in Healthcare for the 21 st Century.

Information Security in Real Business

Steps to Compliance: Electronic Devices Overview PRESENTED BY.

Addressing Information Security at Heller October 16, 2013 secureHeller.

Step 1: A.User enters id/pw for FI: encrypted in Quicken PIN vault B.Id/pw transmitted to Intuit CustomerCentral Servers at NCR using 128 bit SSL Step.

Security and Confidentiality Practices - Houston Dept. of Health and Human Services Jerald Harms, MPH, CART and Jeff Meyer, MD, MPH HIV/AIDS Surveillance.

Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.

Clinic Security and Policy Enforcement in Windows Server 2008.

Ohio Shared Information Services & Meaningful Use Jeff Lowrance, CHCIO CEO OSIS June 18, 2010.

. Bartosz Lewandowski. Center of e-Infrastructure National Research and Education Network PIONIER National Research and Education Network PIONIER Research.

Application Overview. Network Zone User Zone – Client Layers.

1 Developing a Data Management Plan C&IT Resources for Data Storage and Data Security Patrick Gossman Deputy CIO for Research January 16, 2014.

Dell Connected Security Solutions Simplify & unify.

Group 2: Marco Hidalgo Wesley Lao Michelle Marquez-Lim

Confidentiality and Security Issues in ART & MTCT Clinical Monitoring Systems Meade Morgan and Xen Santas Informatics Team Surveillance and Infrastructure.

DISCOVER IT PEACE OF MIND Staying HIPAA-Compliant Revised: April 13, 2015.

SECURITY & THE UNIVERSITY INCLUDING A HOSPITAL October 3, 2008 Doyle Friskney Chief Technology Officer University of Kentucky.

Outline IT Organization SciComp Update CNI Update

Computational Infrastructure Ion I. Moraru. UConn Health HPC Facility Originated out of the computational needs of another NIH P41 grant (NRCAM, continuously.

The analyses upon which this publication is based were performed under Contract Number HHSM C sponsored by the Center for Medicare and Medicaid.

MISSION CRITICAL COLOCATION 360 Technology Center Solutions.

Chapter 2 Standards for Electronic Health Records McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved.

Murphy’s Law If anything can go wrong, it will.. 2 Data Security and Confidentiality “… a firm belief in Murphy’s Law and in the necessity to try and.

CVT Technology Solutions Private Ltd

Privacy in Healthcare Challenges Associated with Implementing Privacy in an Electronic Health Records Environment John P. Houston, J.D. Vice President,

November 18, 2014 Centers for Medicare and Medicaid Services Virtual Research Data Center.

MICROSOFT AZURE ISV PROFILE: D-SCOPE SYSTEMS D-Scope Systems is an enterprise-level medical media product and integration specialist company. It provides.

Introducing Microsoft Azure Government Steve Read Barbara Brucker.

Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.

Tom Furlani Director, Center for Computational Research SUNY Buffalo Metrics for HPC September 30, 2010.

Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &

Replace with Application Image Metrix Insights Leverages Internet of Things, Big Data to Deliver Actionable Healthcare Intelligence via Azure and Cortana.

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

Be Microsoft’s first and best customer Enabling world-class and predictable customer, client, and partner experience Protecting Microsoft’s physical and.

The Right Choice for Call Recording Voice Documentation for Healthcare HIPAA Compliant Communications Documentation.

QIP Education Session INFORMATION SECURITY Joseph Zurba Information Security & IT Compliance Officer Harvard Medical School February 16, 2015.

Liberty Mutual Group Asset Management Inc. Group Liberty Mutual Group Asset Management Inc. Business Continuity & Securing Your Data Our responsibilities.

BMED DEPARTMENT. what you want Do you know to be when you grow up?

Managed IT Services JND Consulting Group LLC

Dirk Zimoch, EPICS Collaboration Meeting October SLS Beamline Networks and Data Storage.

February 3, 2009 Bridging Academic and Medical Cultures Academic Research Systems and HIPAA William K. Barnett Anurag Shankar.

Nexbase Invites You To Our Special Products

Overview of IT at UAB IT Organization Services Provided

Barracuda Networks Creates Next-Generation Security Solutions That Enable Customers to Accelerate Their Adoption of Microsoft Azure MICROSOFT AZURE APP.

DIRECTOR OF CLOUD SERVICES

IS4550 Security Policies and Implementation

UNM Enterprise Firewall

County HIPAA Review All Rights Reserved 2002.

The Practical Side of Meaningful Use:

CEBAF Control System Access

Information Assurance & Network Security Certificate

FDA Sentinel Initiative

HIPAA Compliance SaaS Platform

Big Data Analytics in Healthcare

Presentation transcript:

Tom Furlani, Center for Computational Research University at Buffalo, October 15, 2015 Coexisting with Protected Health Information at CCR

Tom’s Guiding Principles to Storing HIPAA Data Avoid doing it if possible If not possible, find someone else to be responsible Be sure they are not housing your EMR data

PHI Data in CCR Treat them like a leper (just kidding) PHI racks isolated in CCR datacenter A distinct entity (IHI) Separate director and IT support staff Full time HIPAA compliance officer PHI racks in CCR isolated within a cage IHI card access separate from machine room access

>100Tb self-encrypting data repository with expansion capability 24x7 access control system, CCTV data center surveillance, and outside perimeter monitoring with video capture systems monitored by Roswell Park Security officers Security card reader access to facility, data center and IHI secured area 18 individually locked racks that are fully monitored for access, network, power, and cooling utilization Managed and Monitored Firewall Service, including vulnerability management services, real-time, 24x7x365 security event and log monitoring, analysis and response by Global Information Assurance Certification (GIAC) certified security analysts Encryption of data at rest and in motion Remote access via VPN only Virtual Desktop Infrastructure with no access to removable media Continuous antivirus and malware monitoring Segregated primary internet connection to the UB Fiber backbone IHI HIPAA-compliant security infrastructure

Institute for Healthcare Informatics (IHI) Data at the IHI includes:  UBMD Physicians’ Group: over 400 providers entering identified patient data over 6 years.  HealthNow: insurance claims on limited diagnosis over 7 years IHI Services  All services provided require strict security protocols and approvals by the institutional review board (IRB).  Services include data management, data aggregation, subject matter experts (SMEs), data modeling expertise and data warehousing.. IHI Data Hosting  Provide secure computing infrastructure to host researchers data.

IHI Clinical Data Repository (CIDR) 1,700,000 Patient records 59,000,000 claims 115,870,000 diagnosis 42,600,000 prescriptions 4,850,000 observations >1,000,000 million lab results

High Performance Computing Center for Computational Research Genomics, Proteomics & Bioinformatic Resources NYS Center of Excellence and Life Science Healthcare Data and Analysis Institute for Healthcare Informatics Tying It All Together at UB Clinical data, Genomic data, and computing horsepower

The non-PHI Side: UB’s Genomics, Bioinformatics and HPC Capabilities Research Scientists/ Industry Partners UB Next-Gen Sequencing: data generation and bioinformatics analysis Center for Computational Research  170 Tflops Total Aggregate Compute Capacity  11,400 cores; including $1.2M ESD CFA Award – HPC Cluster for Economic Dev  3.2 PB of High Performance Storage (GPFS)  Major Upgrades Planned for 2015  ~0.5 Tbyte of data a day  300 Billion sequence bases a day  100 human genomes a day UB Next-Gen Bioinformaticians computing on CCR resources