Six critical steps to prevent unauthorized access to confidential patient data

Published on March 3, 2014

Author: SameerSule1

Source: slideshare.net

Description

Preventing unauthorized access to patient data in a healthcare organization by employees and outsiders is critical to ensuring its security. Take these six steps to monitor and manage who has access to patient data in your organization.

Six critical steps to prevent unauthorized access to confidential patient data
Sameer Sule, Healthcare Technology Consultant
KINARA | INSIGHTS: creating value through technology

Protecting Patient Data
- It is the law (HIPAA Security Rule)
- It is the prudent thing to do
- Protecting your data = Protecting patients & your healthcare organization
3/3/2014 www.kinarainsights.com

ePHI Access
Ask these two questions:
- Who needs access to electronic protected health information (ePHI) in the organization?
- How much ePHI access is needed by an individual to perform his/her job?

Six critical steps to prevent unauthorized access to ePHI

Step One
Follow the “Minimum Necessary” Principle:
- Restrict ePHI access only to those people that need it to perform their jobs
AND
- Restrict access to ePHI data to the minimum necessary for people to do their jobs
Be STINGY in giving ePHI privileges

Step Two
- Have a well written access policy and procedure in place that clearly communicates the approval procedure for granting ePHI access to an individual

Step Three
- Implement audit software that:
  - Generates the list of individuals with ePHI access
  - Provides a log of recent access activity
  - Alerts management to any attempts to gain unauthorized access to ePHI
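The three audit functions listed in Step Three, shown as an added Python example that is not part of the original slides or any particular audit product. The entitlement table, log format, user names and function names are all hypothetical, and the sample data is constructed.

```python
import csv
import io

# Constructed entitlement list (assumption): user -> ePHI categories
# approved for that user under the organization's access policy.
ENTITLEMENTS = {
    "nurse_a": {"vitals", "medications"},
    "billing_b": {"insurance"},
    "dr_c": {"vitals", "medications", "lab_results"},
}

# Constructed access log (assumed format): timestamp,user,category,outcome
ACCESS_LOG = """\
2014-03-03T09:01:00,nurse_a,vitals,ALLOWED
2014-03-03T09:05:12,billing_b,lab_results,DENIED
2014-03-03T09:07:30,dr_c,lab_results,ALLOWED
2014-03-03T09:10:44,billing_b,medications,ALLOWED
2014-03-03T09:15:02,temp_d,vitals,DENIED
"""

def parse_log(text):
    """Turn the CSV log text into a list of event dicts."""
    fields = ["timestamp", "user", "category", "outcome"]
    return list(csv.DictReader(io.StringIO(text), fieldnames=fields))

def users_with_access(entitlements):
    """Function 1: the list of individuals who hold any ePHI access."""
    return sorted(u for u, cats in entitlements.items() if cats)

def recent_activity(events, limit=3):
    """Function 2: the most recent access events, newest first."""
    return sorted(events, key=lambda e: e["timestamp"], reverse=True)[:limit]

def alerts(events, entitlements):
    """Function 3: events management should review.

    Flags denied attempts, and also accesses the system allowed even
    though the category is outside the user's approved set.
    """
    flagged = []
    for e in events:
        approved = entitlements.get(e["user"], set())
        if e["outcome"] == "DENIED":
            flagged.append((e["timestamp"], e["user"], e["category"], "denied attempt"))
        elif e["category"] not in approved:
            flagged.append((e["timestamp"], e["user"], e["category"], "allowed but not approved"))
    return flagged
```

The "allowed but not approved" case is the one a denial-only alert misses: the system granted more than the "Minimum Necessary" entitlement, which is what the periodic audit in Step Four is meant to catch.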

Step Four
- Implement policy that mandates periodic audits of the ePHI access procedure
- Revoke or grant access privileges as needed

Step Five
- Regularly train employees on their ePHI security and compliance responsibilities

Step Six
- Have all documentation readily available in case of an audit

THANK YOU
CONTACT
Sameer Sule, Healthcare Technology Consultant
Author: “Protecting Electronic Health Information: A Practical Approach to Patient Data Security in Your Healthcare Practice”
Amazon: http://www.amazon.com/author/sameersule
Blog: http://www.kinarainsights.com/blog.html
LinkedIn: http://www.linkedin.com/pub/sameer-sule/7/b1b/511
Twitter: @sameersule
3/4/2014 www.kinarainsights.com
