evv security and privacy approach
play

EVV Security and Privacy Approach Marguerite Marsh, HIPAA Privacy - PowerPoint PPT Presentation

Jan 23, 2024 •344 likes •444 views

EVV Security and Privacy Approach Marguerite Marsh, HIPAA Privacy Officer Matt Williams, Bureau Chief, Information Security and Technology 1 What is HIPAA? 2 HIPAA What: Health Insurance Portability and How: Congress mandated the establishment

  1. EVV Security and Privacy Approach Marguerite Marsh, HIPAA Privacy Officer Matt Williams, Bureau Chief, Information Security and Technology 1

  2. What is HIPAA? 2

  3. HIPAA What: Health Insurance Portability and How: Congress mandated the establishment Accountability Act of Federal standards for the privacy of individually identifiable health information. Why: P ersonal health information could be When: 1996 distributed — without either notice or authorization — for reasons that had nothing to do with a patient’s medical treatment or health Who: U.S. Department of Health & Human care reimbursement. Services 3

  4. HIPAA – What data protections are required? Privacy rule Security rule » Administrative safeguards » Technical safeguards » Physical safeguards 4

  5. Security and Privacy Safeguards Administrative Safeguards: Organizational policies, procedures, and maintenance of security measures. Technical Safeguards: The technology, policies, and procedures for the use and protection of electronic protected health information. Physical Safeguards: Physical measures, policies, and procedures to protect a covered entity's electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion. 5

  6. Vendor Management Contractual requirements to support the safeguards • Provisions covering » Technology and security standards, policies, and procedures » Third party assessments and certification » Acknowledgement and agreement to enforce adequate safeguards for the contractors BAAs 6

  7. Incident handling • Initial triage » Determination of an incident or breach • Investigation » Identify what happened » Identify the scope and impact • Root cause analysis » Identify how it happened • Corrective action plan » Put safeguards in place to make sure it doesn’t happen again • Notification » If appropriate 7

  8. There are no magic bullets This is a team effort • Consumers and providers have a responsibility to protect data. » Consumers – If you see providers or others mishandling data, report it to the their organization or the Department of Medicaid » Providers – If you see coworkers or consumers mishandling data report it to your organization or the Department of Medicaid • Patient data or incident details cannot be shared on social media Will this stop every incident? 8

  9. Thank you! 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A New Approach to Online Location Privacy W3C Workshop: Security for Access to Device APIs from

A New Approach to Online Location Privacy W3C Workshop: Security for Access to Device APIs from

A New Approach to Online Location Privacy W3C Workshop: Security for Access to Device APIs from the Web December 10, 2008 John Morris Center for Democracy & Technology 1 Need for New Approach Current failed model for privacy on the web

227 views • 7 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

5/18/2016 Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B. Authentication 12C. Authorization Security and Privacy 12D. Trust 12E. At-Rest Encryption Mark Kampe (markk@cs.ucla.edu) Security and Privacy

116 views • 8 slides
SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY Christian Kaestner with slides from Eunsuk Kang Required reading: Hulten, Geoff. "Building Intelligent Systems: A Guide to Machine Learning

1.95k views • 113 slides
Caradoc: a Pragmatic Approach to PDF Parsing and Validation IEEE Security & Privacy LangSec

Caradoc: a Pragmatic Approach to PDF Parsing and Validation IEEE Security & Privacy LangSec

Caradoc: a Pragmatic Approach to PDF Parsing and Validation IEEE Security & Privacy LangSec Workshop 2016 Guillaume Endignoux Olivier Levillain Jean-Yves Migeon cole Polytechnique, France EPFL, Switzerland ANSSI, France Thursday 26 th

842 views • 35 slides
S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks

S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks

FAKULTT FR !NFORMATIK Faculty of Informatics S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks Pedro Moreno-Sanchez Blockchain Summer School BDLT19 Vienna, Sep 2nd 2019 Blockchain Research

1.41k views • 73 slides
How to capture, model, and verify the knowledge of legal, security, and privacy experts: a

How to capture, model, and verify the knowledge of legal, security, and privacy experts: a

Universit degli Studi di Trento How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach L. Compagna, P. El Khoury F. Massacci , N. Zannone R. Thomas Security Research Dept.

357 views • 14 slides
Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much

Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much

Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much easier if there were someone we could all TRUST with our data Be8er data mining -- using MORE data, while respec@ng users PRIVACY

888 views • 35 slides
Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI)

CS 563 - Advanced Computer Security: Web Privacy Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI) Administrative Learning Objectives : Consider the difference between security and privacy Discuss work

814 views • 43 slides
Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned Did you know... 77 percent of all Americans feel their personal health information privacy is very important, and 84 percent said they

769 views • 50 slides
How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and

How Badly Broken is Privacy Legislation? And what can we do to fix it? 17th Annual Privacy and Security Conference Privacy and Security by Choice, not Chance Afternoon Workshop Wednesday February 3, 2016 Victoria, B.C. Canada Gerry Bliss

1.11k views • 63 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director

The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director

The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director Global Privacy & Security by Design Centre Technion Summer School on Cyber Security Haifa, Israel September 9, 2020 Lets Dispel The Myths

929 views • 55 slides
Health Insurance Portability and Accountability Act (HIPAA): Breach Notification Rule April 2019

Health Insurance Portability and Accountability Act (HIPAA): Breach Notification Rule April 2019

Health Insurance Portability and Accountability Act (HIPAA): Breach Notification Rule April 2019 Alissa Smith 1 Outline of Presentation HIPAA Breach Notification Rule Overview Updates on OCR Enforcement Complaints

485 views • 36 slides
Strategic and Racial Equity Action Planning March 27 th , 2019 1 Strategic and Racial Equity

Strategic and Racial Equity Action Planning March 27 th , 2019 1 Strategic and Racial Equity

CITY OF MINNEAPOLIS Strategic and Racial Equity Action Planning March 27 th , 2019 1 Strategic and Racial Equity Action Planning Components The vision statement is aspirational; it tells people what we want to accomplish and provides

411 views • 11 slides
The Annapolis Community u Health Partnership A <1,000 square foot remedy for a big problem

The Annapolis Community u Health Partnership A <1,000 square foot remedy for a big problem

The Annapolis Community u Health Partnership A <1,000 square foot remedy for a big problem ACHP Intervention Strategy and Goals Collaboration between Anne Arundel Medical Center and the Housing Authority of the City of Annapolis to

286 views • 10 slides
HIPAA Understanding Your Responsibilities Under the Health Insurance Portability and

HIPAA Understanding Your Responsibilities Under the Health Insurance Portability and

HIPAA Understanding Your Responsibilities Under the Health Insurance Portability and Accountability Act Tacoma Fire Department About Me Deputy Chief of Administration 21 years with Tacoma Fire Dept. 15 years as FF/Paramedic 7

719 views • 13 slides
Healthcare John DiMaggio, C.E.O., Blue Orange Compliance 1 About the Presenters John DiMaggio,

Healthcare John DiMaggio, C.E.O., Blue Orange Compliance 1 About the Presenters John DiMaggio,

Cyber Security In Healthcare John DiMaggio, C.E.O., Blue Orange Compliance 1 About the Presenters John DiMaggio, Chief Executive Officer, Blue Orange Compliance John DiMaggio is the co-founder and CEO of Blue Orange Compliance, a firm

684 views • 41 slides
New Employee Orientation HIPAA Privacy Marcia Matthias, MJ, RHIA, CHPC Corporate Director,

New Employee Orientation HIPAA Privacy Marcia Matthias, MJ, RHIA, CHPC Corporate Director,

New Employee Orientation HIPAA Privacy Marcia Matthias, MJ, RHIA, CHPC Corporate Director, Health Information/Privacy Officer Definitions HIPAA Health Insurance Portability and Accountability Act PHI Protected Health

660 views • 35 slides
Training Course HIPAA Health Insurance Portability and Accountability Act HIPAA

Training Course HIPAA Health Insurance Portability and Accountability Act HIPAA

Training Course HIPAA Health Insurance Portability and Accountability Act HIPAA initially went into effect April 14, 2003 HIPAA is a set of rules that is to be followed by doctors, hospitals and other health care providers.

284 views • 25 slides
Data Shar ing & Pr ivac y L o c a l Ho me le ss Co o rdina ting Bo a rd (L HCB) Co o

Data Shar ing & Pr ivac y L o c a l Ho me le ss Co o rdina ting Bo a rd (L HCB) Co o

Data Shar ing & Pr ivac y L o c a l Ho me le ss Co o rdina ting Bo a rd (L HCB) Co o rdina te d E ntry/ Online Na vig a tio n a nd E ntry (ONE ) Syste m Co mmitte e F uture o f Da ta Sha ring & Priva c y 2 HMI S Da ta

317 views • 12 slides

More recommend