Steps to Compliance: Electronic Devices Overview PRESENTED BY.


1 Steps to Compliance: Electronic Devices Overview PRESENTED BY

2 Today’s Presenter
Jason Karn, Director Training and IT, Total HIPAA Compliance

3 Housekeeping
- This program is educational and does not constitute, and may not be construed as, legal advice to, or creating an attorney-client relationship with, any person or entity.
- The materials referenced here are subject to change, so frequent review of the source material is suggested.

4 What We’ll Cover
- Faxes
- Encrypting Email
- Data Encryption
- Password Protection
- Wi-Fi
- Website Security
- Cloud Storage
- Firewalls
- Virus Protection

5 Faxes
- Always use a cover sheet
- Secure the fax machine
- Notify parties before sending faxes
- Send a test fax before sending the actual document
- Make sure the fax machine isn’t saving any copies
- If possible, send information via a more secure method
- If you use an online fax program, a Business Associate Agreement is required
Faxes with PHI sent to the wrong parties are considered a breach and must be recorded and reported to HHS!

6 Email Encryption
- All PHI must be encrypted in transit, at rest, and in storage
- Review compliance plan
- 128-bit encryption or better
- Review for ease of use
- Business Associate Agreement is required with provider

7 Data Encryption
Windows:
- BitLocker: Windows 7 Enterprise & Ultimate, Windows 8.1
- DiskCryptor: operating systems before Windows 7
Apple OSX:
- FileVault2: any OSX version
Make sure you store disk keys in a secure place!

8 Password Protection
- First line of defense
- Make sure all devices have difficult passwords
  - 8+ characters with numbers, upper and lower case letters, and special symbols
- Require password changes frequently, as described in your Policies and Procedures
- Make sure passwords are memorized, or use password management software

9 Wi-Fi
- Encrypt the network using WPA2 with Advanced Encryption Standard (AES)
- If you allow patients to access Wi-Fi, use a guest portal
- Do not use the factory-supplied password for the router
- Consider limiting router power so the network doesn’t reach beyond your practice

10 Website Security
- SSL/TLS License on site
- Force HTTPS on all pages to protect information
- Do not collect PHI through your website without proper protections
- BA Agreement with Web Host is required

11 Cloud Storage
- Review Cloud Storage Compliance Plan
  - What level of encryption do they use?
  - Do they have access controls on data?
  - Audit trails?
  - Where do you get backups in the event of a failure?
- Business Associate Agreement is required

12 Virus Protection - Things to Look For
- Email Scanning
- Download Protection
- Spyware and Malware Scans
- Speed
- Compatibility
- Privacy Policy
- Real-Time Information
- Heuristic Analysis
- Automatic Updates

13 HIPAA Resources
TotalHIPAA.com/resources
- Email Encryption
- Cloud Storage
- Firewalls
- Secure Texting
- File Sharing
- Form Collection
- Consultants
- HIPAA Breach Insurance

14 Special Thanks

15 Questions?

