Your SlideShare is downloading. ×

Cooperative ACO's Must Lead to Cooperative Security Measures

262
views

Published on

To learn more about our FREE HIPAA webinar series or our compliance tracking solution The Guard visit www.compliancy-group.com

To learn more about our FREE HIPAA webinar series or our compliance tracking solution The Guard visit www.compliancy-group.com

Published in: Education, Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
262
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. 8/28/13 1 ACO – Accountable Care Organizations Cooperative Healthcare Requires Cooperative Security “It’s a Team Sport.” Robby Gulri VP, Product Marketing gulri@echoworx.com  
  • 2. 855.85HIPAA   www.compliancygroup.com   Industry  leading  Educa1on   Cer1fied  Partner  Program     •  Please  ask  ques1ons   •  For  todays  Slides   h#p://compliancy-­‐group.com/slides023/   •  Todays  &  Past  webinars  go  to:   h#p://compliancy-­‐group.com/webinar/   #CGwebinar  
  • 3. Real Stats in the Field 8/28/13 3
  • 4. ACO – Accountable Care Organizations Definition •  Accountable Care Organizations (ACOs) are groups of doctors, hospitals, and other health care providers, who come together voluntarily to give coordinated high quality care to their Medicare patients •  Goal of coordinated care is to ensure that patients get the right care at the right time, while avoiding unnecessary duplication of services and preventing medical errors •  Share in the savings it achieves for the Medicare program 8/28/13 4
  • 5. ACO Illustrated 8/28/13 5
  • 6. Encryption requirements for ACOs 8/28/13 6 Requirements Scan, Encrypt or Block outbound email •  Compliance (PHI, PAN, etc) •  Confidential or Sensitive information Business Process Enablement for Efficiency •  Replace paper based processes •  Loan applications, regulatory filings •  Medical records, insurance claims, and information exchange Automated eDocument Delivery •  Email distribution of documents containing private information •  Bank, mortgage, credit card statements •  Bills and invoices •  Insurance policies and claims
  • 7. The Players within ACOs •  Providers •  As networks of providers, ACOs are composed mostly of hospitals, physicians, and other healthcare professionals. •  Payers •  The federal government, in the form of Medicare, will be the primary payer of an ACO •  Other payers include private insurances, or employer- purchased insurance •  Patients •  An ACO’s patient population will primarily consist of Medicare beneficiaries 8/28/13 7
  • 8. ACOs and Health Care IT 8/28/13 8  Encryp1on,  Security  of  Data  at  Rest  and  in  Mo1on  
  • 9. 4 Essential Technologies for effective ACOs •  HIEs (Healthcare Information Exchange) •  Portal •  Secure Email •  Push / Pull •  Analytics •  Reporting •  Dashboards •  Care Management applications •  Tele Medicine •  Remote Patient Monitoring •  Encryption & Security Applications •  Document Encryption •  Email Encryption 8/28/13 9
  • 10. Security Framework for ACOs •  Secure, online environment which allows for controlled access to and sharing of data on a variety of levels between stakeholders •  Access to aggregate cost and quality trends by governance and project teams •  Secure repository for shared aggregate and detailed data •  Sharing of patient-specific clinical data between responsible caregivers 8/28/13 10
  • 11. Tools required for Secure Communications 8/28/13 11 Source:    AT&T  Compliance  Report  2013  
  • 12. Push / Pull Support 8/28/13 12
  • 13. Complying to HIPAA for ACOs •  Becomes even more important as information is constantly being exchanged across multiple organizations and providers •  More scrutiny and enforcement of HIPAA Omnibus •  Encryption becomes an important compliance tool and weapon 8/28/13 13
  • 14. HIPAA Encryption Requirements •  Standard ~ Transmission Security: Implement technical security measures to guard against unauthorized access to PHI that is being transmitted over an electronic communications network 45 CFR 164.312 (e)(1) •  Addressable Implementation Feature ~ implement a mechanism to encrypt electronic protected health information whenever deemed appropriate 45 CFR 164.312 (e)(2)(ii) Email  containing  PHI  requires  Encryp1on  
  • 15. Addressable Implementation of encryption is not optional •  Addressable implementation features are not optional, they must be addressed; HCO must either: 1  Implement the feature   or 2  Document why it’s not reasonable and appropriate to implement feature,   and implement an equivalent alternative measure when reasonable and appropriate
  • 16. Omnibus & Email Encryption •  More enforcement with Omnibus •  Direct liability for both Covered Entities and Business Associates •  More parties involved with PHI exchange •  Breach Definition have changed •  Breach is presumed and you have to prove “why breach didn’t occur…” •  Increase Penalties for liability 8/28/13 16
  • 17. Echoworx Snapshot 8/28/13 17
  • 18. 8/28/13 18 Thank you
  • 19. Free  Demo  and  60  Day  Evaluation   www.compliancy-­‐group.com     HIPAA  Hotline       855.85HIPAA   855.854.4722     HIPAA  Compliance     HITECH  Attestation     Omnibus  Rule  Ready     Meaningful  Use  core  measure  15