HIPAA Compliance With IT


Published on October 16, 2008

Author: nainil

Source: slideshare.net

Description

Achieving HIPAA Compliance with help from IT

Achieving HIPAA Compliance with help from IT

Nainil Chheda

www.nainil.com

This is like:

Mastering the art of eating a yogurt with a Fork

Do we know what HIPAA is?

Hippo is the third largest land animal

It is:

Huge

Has a large jaw

Has an Invisible Boundary which is not to be crossed

Quick Facts

How many words and lines are in the Health Insurance Portability and Accountability Act?

About 73,840 words, 5704 lines

IT Facilitates

Moving with the elements (together)

Not as a Dictator

Awareness

Software and hardware, in and of themselves, cannot be "HIPAA compliant"

It (software / hardware) can only help a practice become HIPAA compliant

eCW, along with other added components, can help a practice achieve HIPAA compliance

Is Technology a Challenge?

No

Then what are the most common challenges in being HIPAA Compliant?

1) People

2) Processes

3) Policies

Checklist

Education

Business Policies

Technology (standards compliance)

Documentation

Periodic Audit

Training & Policy

Training

Mandated by Law

Employee training

Twice a year

TRUP (Technological Resource Utilization Policy)

Signed by employees

Signed by business associates

Controls

sFTP for Database Transfer

Domain controller

Remote Desktop (Secure VNC, etc.)

HIPAA disclaimer (in email signature)

Secure Individual Fax Inbox

Secure Email (like Network Solutions – MessageGuard)

Documentation

Escalation Path

Server Access Logs

Maintenance Logs

Proactive Email/RSS Notification

Certified Data Destruction

Secure bins

On-site destruction

DOD 7 layer format

Do not get scared after this slide

CMS Investigation Interview

Personnel Interviewed

President

HIPAA Compliance Officer

Network Engineer

HR

Director of Training

Source: http://www.cms.hhs.gov/Enforcement/Downloads/InformationRequestforComplianceReviews.pdf

Document Request

Policy documents on prevention, detection and correction of security violations

Physical security

User Access

User Termination

Access to EPHI

Password management

Other Documents

Network penetration testing policy and procedure

Entity-wide security plan

Risk analysis

Organizational chart

Data backup procedure

Disaster recovery plan

Virus protection plan

Training Courses

Thank You Nainil Chheda [email_address] http://www.nainil.com
