Working with Health IT Systems: Protecting Privacy, Security, and Confidentiality in HIT Systems, Lecture a


1 Working with Health IT Systems
Protecting Privacy, Security, and Confidentiality in HIT Systems
Lecture a
This material (Comp7_Unit7a) was developed by Johns Hopkins University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC00013.

2 Protecting Privacy, Security, and Confidentiality in HIT Systems
Learning Objectives—Lecture a
Explain and illustrate privacy, security, and confidentiality in HIT settings.
Identify common threats encountered when using HIT.
Formulate strategies to minimize threats to privacy, security, and confidentiality in HIT systems.
Health IT Workforce Curriculum Version 3.0/Spring 2012. Working with Health IT Systems: Protecting Privacy, Security, and Confidentiality in HIT Systems—Lecture a

3 Electronic Health Information Risks and Opportunities
Access to electronic vs. paper records
Public apprehension around digitization of health information
Success of HIT systems depends on ensuring patient privacy
Security can facilitate patient-centered care

4 Privacy, Confidentiality, Security Defined
Privacy: patient is in control
Confidentiality: only authorized individuals are allowed access
Security: controls/safeguards that ensure confidentiality

5 Security Management System Standards
International Organization for Standardization (ISO) 27001
National Institute of Standards and Technology (NIST) 800-53
Health Insurance Portability and Accountability Act (HIPAA)

6 Health Insurance Portability and Accountability Act (HIPAA) and Protected Health Information (PHI)
Health Insurance Portability and Accountability Act of 1996
Privacy Rule (effective 2003)
Security Rule (effective 2005)
HITECH Act of 2009
Civil and criminal penalties

7 Patients' Rights Under HIPAA
Under HIPAA, patients' health information rights include:
Right to access their health information
Right to an accounting of disclosures of their health information
Right to correct or amend their health information
Right to notice of privacy practices
Right to file a complaint

8 Types of Security Safeguards
Administrative Safeguards
Physical Safeguards
Technical Safeguards

9 Administrative Safeguards
Security Management Process
  – Risk Analysis
  – Risk Management
  – Sanction Policy
  – System Activity Review

10 Administrative Safeguards
Assigned Security Responsibility
  – Security officer

11 Administrative Safeguards
Workforce Security, Information Access Management
  – Who can and who cannot have access
  – Who determines who can have access and how
  – Employee turnover
  – Contractors
  – User roles

12 Administrative Safeguards
Security Awareness and Training
  – Training
  – Security reminders
  – Log-in monitoring
  – Password management

13 Administrative Safeguards
Security Incident Procedures
Contingency Plan
  – Data backup
  – Disaster recovery
  – Emergency operation plan
Courtesy of the US Centers for Disease Control and Prevention

14 Administrative Safeguards
Evaluation
Business Associate Agreements

15 Protecting Privacy, Security, and Confidentiality in HIT Systems
Summary—Lecture a
Privacy, security, and confidentiality in HIT settings
Common threats encountered when using HIT
Strategies to minimize threats to privacy, security, and confidentiality in HIT systems

16 Protecting Privacy, Security, and Confidentiality in HIT Systems
References—Lecture a
References
The Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information. c2008. Available from: http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848088_0_0_18/NationwidePS_Framework-5.pdf
Images
Slide 5: Cover Sheet from a National Institute of Standards and Technology (NIST) Information Security Document. Courtesy National Institute of Standards and Technology (NIST).
Slide 9: Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information. 2008. Available from: http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848088_0_0_18/NationwidePS_Framework-5.pdf
Slide 10: Security Operations in Action. Courtesy Centers for Disease Control.
Slide 11: A New ISIS Video Camera. Courtesy Department of Homeland Security. Available from: http://www.dhs.gov/files/programs/gc_1273160563362.shtmI
Slide 12: A Regularly Scheduled Security Awareness Training Session. Image courtesy CDC.
Slide 13: “Symposium on Diversity, Leadership Development and Succession Planning” at the CDC. Courtesy CDC.
Slide 14: Doctor Looking Through Medical Records. Courtesy HHS.
Slide 15: Centers for Disease Control’s Activity Lead for the Division of Specialized Media, Pete Seidel. Courtesy CDC.

