Your SlideShare is downloading. ×
Industry	
  leading	
  Education	
  
Certified	
  Partner	
  Program	
  
	
  

•  Please	
  ask	
  questions	
  
•  For	
  ...
Maintaining	
  HIPAA	
  Compliance:	
  
Cloud	
  File	
  Sharing	
  and	
  Mobile	
  Devices	
  
Asaf	
  Cidon	
  
CEO,	
 ...
Cloud	
  File	
  Sharing	
  is	
  Booming	
  

Dropbox	
  
200M	
  Users	
  

Google	
  Drive	
  
120M	
  Users	
  

Box	
...
Healthcare	
  Use	
  Case:	
  
Sync	
  and	
  Backup	
  
•  Sync	
  and	
  backup	
  
–  TranscripLons	
  
–  PaLent	
  ch...
Healthcare	
  Use	
  Case:	
  
Mobile	
  Access	
  
•  Mobile	
  access	
  
–  Access	
  paLent	
  charts	
  on-­‐the-­‐go...
Healthcare	
  Use	
  Case:	
  
External	
  Sharing	
  
•  External	
  sharing	
  
–  Share	
  medical	
  images	
  
–  Sen...
The	
  Dark	
  Side	
  of	
  the	
  Cloud	
  
•  If	
  all	
  my	
  office	
  files	
  are	
  
synchronized	
  
everywhere…	
...
HIPAA	
  Breaches	
  AffecLng	
  500+	
  
Records	
  2006-­‐2013	
  [Source:	
  HHS]	
  
4.92%	
   1.31%	
  

Portable	
  M...
HIPAA	
  Breaches	
  AffecLng	
  500+	
  
Records	
  2006-­‐2013	
  [Source:	
  HHS]	
  
4.92%	
   1.31%	
  

Portable	
  M...
The	
  Most	
  Common	
  HIPAA	
  Breaches	
  
•  Lost	
  and	
  stolen	
  devices	
  and	
  portable	
  media	
  
–  Over...
Case	
  Study:	
  Stanford	
  Hospital	
  
06/2013	
  Stolen	
  laptop:	
  13,000	
  paLents	
  
01/2013	
  Stolen	
  lapt...
Top	
  HIPAA	
  File	
  Sharing	
  Risks	
  
1.	
  Device	
  Loss	
  with	
  Unencrypted	
  PHI	
  
2.	
  Accidental	
  Sh...
Top	
  HIPAA	
  File	
  Sharing	
  Risks	
  
1.	
  Device	
  Loss	
  with	
  Unencrypted	
  PHI	
  
2.	
  Accidental	
  Sh...
Top	
  HIPAA	
  File	
  Sharing	
  Risks	
  
1.	
  Device	
  Loss	
  with	
  Unencrypted	
  PHI	
  
2.	
  Accidental	
  Sh...
Top	
  HIPAA	
  File	
  Sharing	
  Risks	
  
Not	
  Solved	
  by	
  BAA	
  

1.	
  Device	
  Loss	
  with	
  Unencrypted	
...
Dropbox	
  
Signed	
  BAA	
  
On-­‐device	
  EncrypLon	
  
Prevent	
  Accidental	
  
Sharing	
  
Access	
  Control	
  for	...
Ingredients	
  of	
  File	
  Sharing	
  HIPAA	
  Compliance	
  
1.  File	
  encrypLon	
  on	
  the	
  device	
  
2.  Contr...
The	
  SoluLon	
  
1.	
  Device	
  Loss	
  with	
  Unencrypted	
  PHI	
  
2.	
  Accidental	
  Sharing	
  of	
  PHI	
  
3.	...
Sookasa:	
  Shameless	
  Plug	
  
Dropbox	
  
Signed	
  BAA	
  
On-­‐device	
  
EncrypLon	
  
Prevent	
  Accidental	
  
Sh...
ü  HIPAA	
  Compliance	
  
ü  HITECH	
  Attestation	
  
ü  Risk	
  Assessment	
  

ü  Omnibus	
  Rule	
  Ready	
  
ü ...
Upcoming SlideShare
Loading in...5
×

Maintaining HIPAA Compliance with Cloud Based Solutions

175

Published on

Cloud computing is here and bigger than ever. Learn how to use this emerging technology to become and maintain your HIPAA compliance.

File sharing HIPAA risks
Sync
Unauthorized sharing
Recursive sharing
Scattering of data
Lack of Auditing
Current most common HIPAA breaches
Lost or stolen devices – over 1M per week, 22% lost phones last year
Consequences – need to report, fines

Panelists:
Asaf Cidon, Sookasa
Bob Grant, The Compliancy Group

Moderator:
Marc Haskelson, President, The Compliancy Group LLC.

Published in: Health & Medicine
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
175
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Maintaining HIPAA Compliance with Cloud Based Solutions"

  1. 1. Industry  leading  Education   Certified  Partner  Program     •  Please  ask  questions   •  For  todays  Slides   http://compliancy-­‐group.com/slides023/   •  Todays  &  Past  webinars  go  to:   http://compliancy-­‐group.com/webinar/     855.85HIPAA   www.compliancygroup.com  
  2. 2. Maintaining  HIPAA  Compliance:   Cloud  File  Sharing  and  Mobile  Devices   Asaf  Cidon   CEO,  Sookasa  
  3. 3. Cloud  File  Sharing  is  Booming   Dropbox   200M  Users   Google  Drive   120M  Users   Box   20M  Users  
  4. 4. Healthcare  Use  Case:   Sync  and  Backup   •  Sync  and  backup   –  TranscripLons   –  PaLent  charts   –  Medical  bills   •  Low  cost  alternaLve   –  $100-­‐200  per  seat  
  5. 5. Healthcare  Use  Case:   Mobile  Access   •  Mobile  access   –  Access  paLent  charts  on-­‐the-­‐go   –  Work  from  home   –  Home  care  
  6. 6. Healthcare  Use  Case:   External  Sharing   •  External  sharing   –  Share  medical  images   –  Send  medical  bills   –  Send  receipts  to  suppliers   •  Send  big  files   –  CT  Scans,  X-­‐Rays  
  7. 7. The  Dark  Side  of  the  Cloud   •  If  all  my  office  files  are   synchronized   everywhere…   •  The  loss  of  a  laptop  or   smartphone  causes  a   HIPAA  breach!  
  8. 8. HIPAA  Breaches  AffecLng  500+   Records  2006-­‐2013  [Source:  HHS]   4.92%   1.31%   Portable  Media   Network  Server   9.43%   46.01%   12.31%   12.96%   Computer   Laptop   EMR   Paper   13.04%   E-­‐mail  
  9. 9. HIPAA  Breaches  AffecLng  500+   Records  2006-­‐2013  [Source:  HHS]   4.92%   1.31%   Portable  Media   Network  Server   9.43%   46.01%   12.31%   12.96%   Computer   Laptop   EMR   Paper   13.04%   E-­‐mail   Most  breaches:  lost/stolen  devices  
  10. 10. The  Most  Common  HIPAA  Breaches   •  Lost  and  stolen  devices  and  portable  media   –  Over  1,000,000  devices  lost  every  week!   –  22%  of  employees  report  they  have  lost  a  phone   during  2012   •  Employees  inappropriately  accessing,  using,  or   transmidng  PHI  
  11. 11. Case  Study:  Stanford  Hospital   06/2013  Stolen  laptop:  13,000  paLents   01/2013  Stolen  laptop:  57,000  paLents   07/2012  Stolen  laptop:  2,500  paLents   09/2011  Accidental  online  sharing:  20,000  paLents   01/2010  Stolen  laptop:  500  paLents  
  12. 12. Top  HIPAA  File  Sharing  Risks   1.  Device  Loss  with  Unencrypted  PHI   2.  Accidental  Sharing  of  PHI  
  13. 13. Top  HIPAA  File  Sharing  Risks   1.  Device  Loss  with  Unencrypted  PHI   2.  Accidental  Sharing  of  PHI   3.  Unencrypted  PHI  on  Cloud?  
  14. 14. Top  HIPAA  File  Sharing  Risks   1.  Device  Loss  with  Unencrypted  PHI   2.  Accidental  Sharing  of  PHI   3.  Unencrypted  PHI  on  Cloud?   Solved  by  BAA  
  15. 15. Top  HIPAA  File  Sharing  Risks   Not  Solved  by  BAA   1.  Device  Loss  with  Unencrypted  PHI   2.  Accidental  Sharing  of  PHI   3.  Unencrypted  PHI  on  Cloud?   Solved  by  BAA  
  16. 16. Dropbox   Signed  BAA   On-­‐device  EncrypLon   Prevent  Accidental   Sharing   Access  Control  for  On-­‐ device  Data   End  User  Experience   and  Sync   Popularity   (Network  Effect)   Box   Google  Drive  
  17. 17. Ingredients  of  File  Sharing  HIPAA  Compliance   1.  File  encrypLon  on  the  device   2.  Control  access  to  files  with  white   list   –  People   –  Devices   3.  Audit  trail  and  emergency  access  
  18. 18. The  SoluLon   1.  Device  Loss  with  Unencrypted  PHI   2.  Accidental  Sharing  of  PHI   3.  Unencrypted  PHI  on  Cloud?   Solved  
  19. 19. Sookasa:  Shameless  Plug   Dropbox   Signed  BAA   On-­‐device   EncrypLon   Prevent  Accidental   Sharing   Access  Control  for   On-­‐device  Data   End  User   Experience  and   Sync   Popularity   (Network  Effect)   Box   Google  Drive   Sookasa  +   Dropbox  
  20. 20. ü  HIPAA  Compliance   ü  HITECH  Attestation   ü  Risk  Assessment   ü  Omnibus  Rule  Ready   ü  Meaningful  Use  core  measure  15   Free  Demo  and  60  Day  Evaluation   www.compliancy-­‐group.com     HIPAA  Hotline       855.85HIPAA   855.854.4722  

×