Practical approach to patient data security - A quick primer

Six essential components of a strong security program to protect electronic patient data in a healthcare practice

Published in: Healthcare

  1. PRACTICAL APPROACH TO PATIENT DATA SECURITY (a quick primer)
     Sameer Sule, Healthcare Technology Consultant
     KINARA | INSIGHTS: creating value through technology
  2. ePHI: Security Rule Compliance
     • Don’t assume that if the technology is compliant, the organization is also compliant.
     • Compliance is achieved by a combination of:
         • Technology
         • Policies and Procedures
         • Documentation
         • Employee Training
         • Strict enforcement and sanctions
         • Regular review and updating
     2/24/2014 www.kinarainsights.com
  3. The Big Picture
  4. Six Essential Components
     • Risk Analysis
         • Identify threats & vulnerabilities to ePHI
         • Implement measures to mitigate threats
     • Systems and Network Management
         • Monitor computer systems and network
         • Proactively detect potential security and maintenance issues
  5. Six Essential Components
     • Contingency Planning
         • Data backup plan
         • Disaster recovery plan
         • Emergency mode of operations plan
     • Mobile Device Management
         • Protect ePHI on laptops, smartphones, tablets, USB sticks, etc.
         • Enable encryption, device tracking, remote data wipeout
  6. Six Essential Components
     • Policies, Procedures & Training
         • Develop clear written policies & procedures
         • Conduct regular data security training for staff
         • Enforce policies
     • Periodic Testing & Revision
         • Review security plan regularly
         • Update plan as needed to accommodate changes in technology, people/processes
  7. A practical approach to data security
     • Don’t do everything all at once
     • Take a step-wise approach
     • Start with a comprehensive risk analysis
     • Build a strong foundation
  8. Data security and compliance
     • Requires planning
     • Needs to be meticulous
     • Takes coordination between people in different departments
     • Requires an investment of time
     • Is on-going
  9. Implementation
     • Do it yourself or get outside help
     • Customize policies to your organization
     • Implement reasonable and appropriate security measures for your organization
  10. THANK YOU
     CONTACT: Sameer Sule, Healthcare Technology Consultant
     Author: “Protecting Electronic Health Information: A Practical Approach to Patient Data Security in Your Healthcare Practice”
     • Amazon: http://www.amazon.com/author/sameersule
     • Blog: http://www.kinarainsights.com/blog.html
     • LinkedIn: http://www.linkedin.com/pub/sameer-sule/7/b1b/511
     • Twitter: @sameersule
