Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy Project Framework & Structure HIPAA Summit Brent Saunders

Published byHenry Cain Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy Project Framework & Structure HIPAA Summit Brent Saunders"— Presentation transcript:

1 Privacy Project Framework & Structure HIPAA Summit Brent Saunders 202-414-1031brenton.saunders@us.pwcglobal.com

2 2 Philosophy and Approach to Privacy Six key concepts drive the project philosophy: Primary focus on business drivers, secondary on regulatory drivers Privacy and security programs should be well coordinated (information protection) Good faith efforts and documentation are essential to demonstrate compliance Approach privacy as a series of manageable implementation projects Integrate privacy and security programs into existing organizational structure and reporting realities Partner compliance and business resources The approach recognizes that, beyond legal and regulatory requirements, information protection is an emerging business imperative, whether it’s employee, patients, members, clinical and/or corporate information

3 3 An Approach – Implementing a Privacy Program Assessment vs. Implementation Projects should be developed by teams and refined with the business people/department to meet your organization’s business needs, processes and environment An “implementation” approach can be broken down into the following phases: –Project Organization and Impact –Program and Project Structure Refinement –Detail Planning/Rollout –Implementation

4 4 Project Management and Quality Assurance Phase I – Project Organization Phase II – Program and Project Structure Refinement Phase III – Detail Planning and Rollout Phase IV – Implementation Privacy Laws and Regulations - Impact Analysis Set Expectations, Objectives, Approach Organizational and Legal Analysis Project Management Setup and Initiation Goals & Strategic Direction Document Review Develop Integrated Project Plan Project Management Build Detailed Project Plans Information Flow Analysis Launch Privacy & related Security Projects Finalize Project Management Structure The 4 Phases Needs Assessment Project Identification Assign Project Accountability Awareness Training (as needed) Ongoing Oversight (as needed) Specific Project Assistance (as needed) Progress Validation (as needed) Compliance Maintenance

5 5 Steering Committee V.P.-level members from Compliance, Legal, and Functional areas Establish mission Obtain support from senior management Steering Committee V.P.-level members from Compliance, Legal, and Functional areas Establish mission Obtain support from senior management Project Management Privacy Office Develop and coordinate risk-management and compliance activities Project Management Privacy Office Develop and coordinate risk-management and compliance activities Work Groups Work Groups established for each functional area, e.g., medical records, finance Work Groups Work Groups established for each functional area, e.g., medical records, finance Business Processes Maintain compliance Oversigh t Strategy Monitor compliance Develop and oversee training Assist and support business units Oversigh t Data mapping Gap analysis Implementatio n Strategy Report findings

6 6 Ongoing Program Organization Compliance Model Hub and Spoke Model Privacy Committee Model Legal Model IT Model

Download ppt "Privacy Project Framework & Structure HIPAA Summit Brent Saunders"

Similar presentations

Session No. 4 Implementing the State’s Safety Programme Implementing Service Providers SMS 1 1 1.

Session No. 4 Implementing the State’s Safety Programme Implementing Service Providers SMS
Organizational Governance

Organizational Governance
. . . a step-by-step guide to world-class internal auditing

. . . a step-by-step guide to world-class internal auditing
Electronic Medical Records: Implications of HIPAA for Selecting and Implementing an EMR Todd Frech Senior Partner www.ociusmedinfo.com.

Electronic Medical Records: Implications of HIPAA for Selecting and Implementing an EMR Todd Frech Senior Partner
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.

What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
How to Document A Business Management System

How to Document A Business Management System
Risk & Safety Presentation January 8, 2013 Bryan Sabari, CUSP Manager Corporate Safety 425-213-2149

Risk & Safety Presentation January 8, 2013 Bryan Sabari, CUSP Manager Corporate Safety
Baseline Assessments / Swim Lane Diagrams Presented by: Helen C. Burch, MBA Managed Care Advisors, Inc.

Baseline Assessments / Swim Lane Diagrams Presented by: Helen C. Burch, MBA Managed Care Advisors, Inc.
Implementing SMS in Civil Aviation: the Canadian Perspective.

Implementing SMS in Civil Aviation: the Canadian Perspective.
Contractor Management and ISO 14001:2004

Contractor Management and ISO 14001:2004
Security Controls – What Works

Security Controls – What Works
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Coordinating Center Overview November 18, 2010 SPECIAL DIABETES PROGRAM FOR INDIANS Healthy Heart Project Initiative: Year 1 Meeting 1.

Coordinating Center Overview November 18, 2010 SPECIAL DIABETES PROGRAM FOR INDIANS Healthy Heart Project Initiative: Year 1 Meeting 1.
Diversity in Policing Project & Beyond.

Diversity in Policing Project & Beyond.
Center for Health Care Quality Licensing & Certification Program Evaluation 1 August 2014 rev.

Center for Health Care Quality Licensing & Certification Program Evaluation 1 August 2014 rev.
Corporate Ethics Compliance *

Corporate Ethics Compliance *
Building a Compliance Risk Monitoring Program HCCA Compliance Institute New OrleansApril 19, 2005 Lois Dehls Cornell, Esq. Assistant Vice President, Deputy.

Building a Compliance Risk Monitoring Program HCCA Compliance Institute New OrleansApril 19, 2005 Lois Dehls Cornell, Esq. Assistant Vice President, Deputy.

Similar presentations

Ads by Google