Privacy In The Technology Age
Upcoming SlideShare
Loading in...5

Privacy In The Technology Age






Total Views
Views on SlideShare
Embed Views



1 Embed 2 2


Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Privacy In The Technology Age Privacy In The Technology Age Presentation Transcript

  • Privacy in the Technology Age Ms. Leslie Shaffer Director TMA Privacy Office April 23, 2008 HEALTH AFFAIRS TRICARE Management Activity
  • Privacy in the Technology Age Purpose
    • Illustrate measures to protect information, ensure privacy, and respond to challenges in the face of changing technology
  • Privacy in the Technology Age Objectives
    • Describe the unique environment of the Military Health System (MHS)
    • Contrast benefits and challenges in ensuring privacy for current and future technologies
    • Discuss safeguards about special considerations for protecting privacy in a technology-rich environment
    • Illustrate some of TMA’s experiences and Lessons Learned in responding to data breaches
  • Military Health System Environment
  • MHS Environment TMA Privacy Office
    • TRICARE Management Activity (TMA) Privacy Office Mission is:
      • “To ensure stakeholders’ personally identifiable and health information are protected at the highest level as TRICARE delivers the best medical support possible to those entrusted to our care.”
  • MHS Environment What is the Military Health System? Source: TRICARE Stakeholders Report 2008
    • Integrate large organizational units with distinct business processes (Army, Navy, Marines, Air Force, Coast Guard, and Reserves)
    Distinct Branches of Service
    • 133,500+ highly mobile workforce
    MHS Personnel
    • Approximately 900 Facilities
    • 413 Medical Clinics
    • 413 Dental Clinics
    • 63 Hospitals and Medical Centers
    Direct Care Facilities
    • $42.2 billion
    FY07 DoD Health Care Expenditures
    • 9.2 million
  • MHS Environment Military Health System Oversight
    • Congress
    • Office of Management and Budget (OMB)
    • US-CERT (Computer Emergency Response Team)
    • Dept of Health and Human Services (HHS)
    • Assistant Secretary of Defense (Networks & Information Integration)
    • DoD Inspector General (IG)
    • DoD Privacy Office
    Freedom of Information Act of 1966 Privacy Act of 1974 Health Insurance Portability and Accountability Act of 1996 44 USC Ch. 31 Records Management Program Computer Security Act of 1987 Federal Laws DoD Governance Sensitive Information (SI) Categories Electronic Protected Health Information (ePHI) Protected Health Information (PHI) Personally Identifiable Information (PII) E-Government Act of 2002 DoDI 8510.01 DIACAP DoD CIO Memo Privacy Impact Assessments (PIA) Guidance DoD 5400.7-R DoD Freedom of Information Program DoD 5400.11-R DoD Privacy Program DoD 5200.1-R Information Security Program DoD 8580.02-R DoD Health Information Security Regulation DoD 6025.18-R DoD Health Information Privacy Regulation DoD 8500.1 & 2 Information Assurance (IA) ASD(HA) Memo Breach Notification Reporting for the MHS Federal Information Security Management Act (FISMA) Reporting Requirements
  • Challenges with Current Technology
  • Challenges in Current Technology Challenges
  • Challenges in Current Technology Using Technology to Protect Privacy
      • The emergence of the Electronic Health Record and the Personal Health Record
      • A hybrid environment of legacy and current systems
      • Future technology innovations
    Even with internal controls and the proper policies and procedures, challenges to protecting privacy still exist. Challenges facing the Military Health System include:
  • Challenges in Current Technology Hybrid Technology
      • The complexity and size of an organization’s operating environment contribute to the current blend of legacy systems and newer, more innovative technology
    Hybrid Technology New Systems
    • Benefits:
      • Capability
      • Interoperability
      • Security
    • Challenges
      • Data Conversion
      • Cost
      • Complexity
    Legacy Systems
    • Benefits:
      • Cost
      • Widespread Usage
      • Stability
    • Challenges
      • Data Conversion
      • Support
      • Security Design
  • Challenges in Current Technology Electronic and Personal Health Records Benefits
    • Greater patient access to a wide array of their health information, data, and knowledge
    • Cost efficiency in chronic disease management, medication, and wellness programs
    • Ability to management and control care, schedule appointments. or contact their Provider directly
    • Individual privacy concerns
    • Lack of clear standards and interoperability
    • Ensuring accuracy and completeness of data in the PHR
    • Lack of clear financial models and sources of funding
    Electronic Health Record (EHR) - individual patient's medical record in digital format, usually accessed on a computer, often over a network and maintained by a provider for that provider’s use Personal Health Record (PHR) - typically a health record that is initiated and maintained by an individual EHR versus PHR
  • Safeguards to Protect Privacy
  • Safeguards to Protect Privacy Risk Identification and Management
    • The organizational security management process examines TMA’s Directorates and the offices within each functional area to ensure administrative, physical, and technical safeguards are properly addressed
  • Safeguards to Protect Privacy Data Use Agreements
    • Specify under what conditions particular data may be used and document the parameters under which organizations will conduct tasks related to a specific project, research, survey, or secondary purpose
    • Non-DoD personnel are required to complete a DUA which:
      • Describes the user's relationship to TMA, (for example, contractual)
      • Describes the specific purpose and use of the data and validates the requestors 'need-to-know'
      • Delineates the individuals who are granted access to the data
      • Emphasizes the user's responsibility to comply with privacy legislation and regulations
  • Safeguards to Protect Privacy Certification and Accreditation (C&A)
    • The Certification and Accreditation (C&A) process provides reasonable assurances that an IT system has undergone Information Assurance Testing.
    • The C&A process follows the general outline of:
      • Security Test & Evaluation
      • Plan of Action & Milestones (POA&M)
      • Residual Risk Analysis
    • C&A provides an overall view of IT governance, Strategic Risk Aversion, and Executive Decision Making.
    • The resulting C&A documentation is a quantifiable product that is monitored and updated as changes occur to the system.
  • Safeguards to Protect Privacy Privacy Impact Assessments
    • Privacy Impact Assessments (PIAs):
      • Specialized risk assessment performed internally to ensure the protection of privacy
      • A nalysis of how information is handled and protected in an Information Technology (IT) system
      • Mitigation of breaches as expressed in recent events
  • Emerging Technology
  • Emerging Technology Identity Solutions
    • Emerging Technology seems to present a myriad of choices
    • Any technology solution needs to fit the organization’s needs
    • Even within DoD, there is no one solution to fit all our needs
    • Identification vs. Authentication
    • Importance of Integration
    • Leveraging technology to maximize security and utility
    • Authentication Controls
    Emerging Technology Integrated Identity Solutions Single credential for personnel identification, building or facility access, and for systems and network access Goal
  • Emerging Technology Encryption for Data at Rest Challenges
    • Level of encryption
    • Diligence with inventory
      • Hardware
      • Keys
    • Policy-based automation
    • Key management interoperability standards
    • Keys at risk of loss or theft
    • Lessen the potential risk of a data breach
    • More control over who accesses data
    • Scalability
      • Application-based or server hosted
      • Devices and applications
    • End-to-end encryption
    • All embargoed data residing on the network or any portable storage media should be encrypted to limit access and use to authorized individuals
  • Emerging Technology Content Monitoring and Data Loss Prevention Challenges
    • Depending on the size of the organization, data analysis may be very intensive
    • Additional resources may need to be dedicated to enforcement and monitoring of tool
    • Proper policies and procedures must be in place before implementation of tool
    • Control – leverage filters to protect privacy data and intellectual property
    • Discover – detect sensitive content at rest
    • Monitor – classify and analyze all content in motion
    • Prevent – block and filter to control what information is being sent or stored at all times
    • Capture – gain perspective through logging and storage of all events
    • Content Monitoring and Data prevention tools facilitate the enforcement of business processes and policies
  • Emerging Technology Trusted Internet Connections Challenges
    • Currently, analysis is done manually (although it is anticipated that Version 2 will provide automated analysis)
    • Aggressive timeline for such a large initiative (completion of milestones by June 2008)
    • Will require agencies to agree to standard policies
    • Looks for suspicious patterns of activity for participating Federal agencies Builds cyber-related situational awareness across the Federal government
    • Common solution for Federal government
    • Reduces the number of external internet connections to 50; DoD currently has 19
    • Trusted Internet Connections (TIC) are cyber security initiatives with common goals: secure Federal networks while minimizing costs
  • Emerging Technology Federal Desktop Core Configuration Challenges
    • Ensure compliance with current infrastructure, including policies and processes
    • Receive buy-in from across the Federal government
    • Prohibits the use of wireless settings
    • Increase IT security
    • Increase application compatibility (common configurations versus hundreds of locally created configurations)
    • Reduce overall IT costs
    • Federal Desktop Core Configuration (FDCC) provides a single, standard, enterprise-wide managed environment for desktops and laptops
  • Emerging Technology Radio Frequency Identification Devices
    • A Radio Frequency Identification Device (RFID) is an Automated Identification and Capture (AIDC) Technology that allows:
          • Identification of Objects
          • Communication over great distances
          • No optical line of sight
          • Inventory Management Tool
    RFID Extranet
  • Data Breaches
  • Data Breaches Breaches in the News Some TRICARE Beneficiary Data Put At Risk “ Data for nearly 600,000 households enrolled in TRICARE stored on a government-contractor’s unprotected computer server could have been exposed to hackers, defense officials announced today. Beneficiaries’ names, addresses, Social Security Numbers, birth dates and some health information was stored on a computer server that was not using a firewall and did not have adequate password protection, TRICARE Management Activity officials said…” Source:, July 20, 2007 Privacy Rights Clearinghouse Record Number Of Data Breaches Reported In 2007 “ Researchers with the Identity Theft Resource Center cited 443 breaches in the U.S. in 2007 in their annual report, compared to the 315 they identified in 2006.” Source: , December 31, 2007
    • Lost, stolen or compromised information, otherwise termed a breach, is the actual or possible loss of control, unauthorized disclosure, or unauthorized access of personal information where persons other than authorized users gain access or potential access to such information for other than authorized purposes where one or more individuals will be adversely affected
    Data Breaches DoD Definition of a Breach
  • Data Breaches Incident Response Plan
    • An effective Incident Response Plan includes the following steps
    • The steps might not be followed in a linear fashion; however each step needs to be addressed to effectively mitigate breaches
    • Notification
    • Reporting
    • Definition
    • A Risk Based Approach to notify
  • Data Breaches Reporting and Notification
      • When a loss, theft, or compromise of information occurs, the breach shall be reported to:
    Note: Notify issuing banks if government issued credit cards are involved; law enforcement, if necessary; and all affected individuals within 10 working days of breach and identity discovery, if necessary. (See Determining Notification)
      • Leadership – Immediately
      • US CERT – Within 1 Hour
      • Sr. Component Officials for Privacy – Within 24 Hours
      • TMA Privacy Office – Within 24 Hours
      • DoD Privacy Office – Within 48 Hours
      • Leadership – Immediately
      • TMA Privacy Office – Within 1 Hour
      • US CERT – Within 1 Hour
      • DoD Privacy Office – Within 48 Hours
    Non-TMA Components TMA Components
  • Data Breaches Determining Notification
      • When determining whether notification of a breach is required, the DoD Component will assess the likely risk of harm caused by the breached information and then assess the relative likelihood of the risk occurring (risk level).
      • Five factors that need to be considered when assessing the likelihood of risk and/or harm include:
          • Nature of the data elements breached
          • Number of individuals affected
          • Likelihood of the information is accessible and usable
          • Likelihood the breach may lead to harm
          • Ability of the agency to mitigate the risk of harm
      • Breaches are classified as Low, Moderate, or High:
  • Data Breaches Reporting Timeline
  • Data Breaches Lessons Learned
      • In response to breaches, the organization must:
      • Commit to ensuring the affected beneficiaries remain a top priority
      • Develop strong policies and procedures
      • Assign specific roles and responsibilities to Incident Response Team members before a breach occurs
      • Establish and test the communication plan for internal and external stakeholders
      • Document all aspects of the incident (timeline, reports, incident response checklist, etc.)
      • Communicate to Senior Leadership (via emails, Executive Summaries, and briefings)
      • Develop Lessons Learned and/or an After Action Report
  • Privacy in the Technology Age Resources
    • TRICARE Management Activity:
    • Privacy Act of 1974, as amended (5 U.S.C. 552a)
    • DoD Regulation 5400.11-R, “DoD Privacy Program,” May 14, 2007
    • DoD Regulation 6025.11-R, “DoD Health Information Privacy Regulation,” January 24, 2003
    • DoD Regulation 8580.02-R, “DoD Health Information Security Regulation,” July 12, 2007
    • DoD Memorandum, “DoD Guidance on Protecting Personally Identifiable Information (PII),” August 18, 2006
    • OMB M-07-16, “Safeguarding Against and Responding to the Breach of Personally Identifiable Information,” May 22, 2007
    • Office of the Secretary of Defense (OSD) Memorandum 15041-07, “Safeguarding Against and Responding to the Breach of Personally Identifiable Information,” September 21, 2007