Presentation is loading. Please wait.

Presentation is loading. Please wait.

Eliza de Guzman HTM 520 Health Information Exchange.

Published byGary Stanley Modified over 8 years ago

Similar presentations

Presentation on theme: "Eliza de Guzman HTM 520 Health Information Exchange."— Presentation transcript:

1 Eliza de Guzman HTM 520 Health Information Exchange

2 INTRODUCTION The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop a regulations that will protect the privacy and security of certain health information. HHS published the most commonly known as the HIPAA Privacy Rule and HIPAA Security Rule to fulfill the required regulations. The Security Standards for the Protection of Electronic Protected Health Information (the Security Rule) established a national set of security standards to protect certain health information that is held or transferred in electronic form. The Security Rule can be measured by protecting that contains in the Privacy Rule by addressing the technical and non-technical safeguards that organizations called “cover- entities” that will put in place to secure individuals “electronic protected health information” (e-PHI).

3

4 WHO IS COVERED BY THE SECURITY RULE? Health care provider Health plans Health care clearinghouses Medicare Prescription Drug Card Sponsors

5 WHAT INFORMATION IS PROTECTED? Electronic Protected Health Information.

6 GENERAL RULES – COVERED ENTITIES 1.Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit; 2.Identify and protect against reasonably anticipated threats to the security or integrity of the information; 3.Protect against reasonably anticipated, impermissible uses or disclosures; and 4.Ensure compliance by their workforce.

7 Cont. Covered Entity – security measures to use: Its size, complexity, and capabilities, Its technical, hardware, and software infrastructure, The costs of security measures, and The likelihood and possible impact of potential risks to e-PHI.

8 RISK ANALYSIS AND MANAGEMENT Evaluate the likelihood and impact of potential risks to e- PHI; Implement appropriate security measures to address the risks identified in the risk analysis; Document the chosen security measures and, where required, the rationale for adopting those measures; Maintain continuous, reasonable, and appropriate security protections.

9 SECURITY RULE COMPLIANCE CONSIDERATIONS HIPAA compliance audits should be based on three things:  An Identification of the organization governance model.  A traditional screening  An Identification of the master rules Compliance Date : April 20, 2005 – April 20, 2006

10 HIPAA Security Rule audit process

11 SECURITY SAFEGUARDS Administrative Safeguards o Security Management Process o Assigned Security Responsibility o Workforce Security o Security Awareness and Training o Information Access Management o Security Incident Procedures o Contingency Plan o Evaluation o Business Associate Contracts and Other Arrangements

12 Cont. Physical Safeguards : o Facility Access Control o Workstation and Device Security Technical Safeguards o Access Control o Audit Control o Integrity Control o Person or Entity Authentication o Transmission Security

13 ORGANIZATIONAL REQUIREMENTS Covered Entity Responsibilities Business Associate Contracts

14 CHALLENGES Rapid increase of mobile devices User Training

15 SUMMARY OF THE HIPAA SECURITY RULE This is a summary of key elements of the Security Rule including who is covered, what information is protected, and what safeguards must be in place to ensure appropriate protection of electronic protected health information.

16 HIPAA SECURITY GAME http://www.healthit.gov/sites/default/files/cybersecure/cybersecure.html

Download ppt "Eliza de Guzman HTM 520 Health Information Exchange."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.

HIPAA Security Standards Emmanuelle Mirsakov USC School of Pharmacy.
Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.

Security Vulnerabilities and Conflicts of Interest in the Provider-Clearinghouse*-Payer Model Andy Podgurski and Bret Kiraly EECS Department & Sharona.
Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,

Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
HIPAA Health Insurance Portability and Accountability Act.

HIPAA Health Insurance Portability and Accountability Act.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.

CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.
HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.
Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.

Reviewing the World of HIPAA Stephanie Anderson, CPC October 2006.
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.

Topics Rule Changes Skagit County, WA HIPAA Magic Bullet HIPAA Culture of Compliance Foundation to HIPAA Privacy and Security Compliance Security Officer.
HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.

HIPAA Privacy Rule Compliance Training for YSU April 9, 2014.
CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.

CAMP Med Building a Health Information Infrastructure to Support HIPAA Rick Konopacki, MSBME HIPAA Security Coordinator University of Wisconsin-Madison.
© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,

© Copyright 2014 Saul Ewing LLP The Coalition for Academic Scientific Computation HIPAA Legal Framework and Breach Analysis Presented by: Bruce D. Armon,
HIPAA COMPLIANCE FANTASTIC FOUR CASEY FORD MANINDER SINGH RANGER OLSOM Information Security in Real Business.

HIPAA COMPLIANCE FANTASTIC FOUR CASEY FORD MANINDER SINGH RANGER OLSOM Information Security in Real Business.
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
ELECTRONIC MEDICAL RECORDS By Group 5 members: Kinal Patel David A. Ronca Tolulope Oke.

ELECTRONIC MEDICAL RECORDS By Group 5 members: Kinal Patel David A. Ronca Tolulope Oke.

Similar presentations

Ads by Google