Maintaining HIPAA Compliance with Cloud Based Solutions

Cloud computing is here and bigger than ever. Learn how to use this emerging technology to achieve and maintain HIPAA compliance.

File sharing HIPAA risks
Sync
Unauthorized sharing
Recursive sharing
Scattering of data
Lack of Auditing
Current most common HIPAA breaches
Lost or stolen devices – over 1M per week, 22% lost phones last year
Consequences – need to report, fines

Panelists:
Asaf Cidon, Sookasa
Bob Grant, The Compliancy Group

Moderator:
Marc Haskelson, President, The Compliancy Group LLC.

Published in: Health & Medicine

Maintaining HIPAA Compliance with Cloud Based Solutions

  1. Industry leading Education, Certified Partner Program
     • Please ask questions
     • For today's slides: http://compliancy-group.com/slides023/
     • For today's and past webinars go to: http://compliancy-group.com/webinar/
     855.85HIPAA www.compliancygroup.com
  2. Maintaining HIPAA Compliance: Cloud File Sharing and Mobile Devices
     Asaf Cidon, CEO, Sookasa
  3. Cloud File Sharing is Booming
     • Dropbox: 200M Users
     • Google Drive: 120M Users
     • Box: 20M Users
  4. Healthcare Use Case: Sync and Backup
     • Sync and backup
       – Transcriptions
       – Patient charts
       – Medical bills
     • Low cost alternative
       – $100-200 per seat
  5. Healthcare Use Case: Mobile Access
     • Mobile access
       – Access patient charts on-the-go
       – Work from home
       – Home care
  6. Healthcare Use Case: External Sharing
     • External sharing
       – Share medical images
       – Send medical bills
       – Send receipts to suppliers
     • Send big files
       – CT Scans, X-Rays
  7. The Dark Side of the Cloud
     • If all my office files are synchronized everywhere…
     • The loss of a laptop or smartphone causes a HIPAA breach!
  8. HIPAA Breaches Affecting 500+ Records 2006-2013 [Source: HHS]
     [Pie chart. Categories: Portable Media, Network Server, Computer, Laptop, EMR, Paper, E-mail. Slice values: 4.92%, 1.31%, 9.43%, 46.01%, 12.31%, 12.96%, 13.04%.]
  9. HIPAA Breaches Affecting 500+ Records 2006-2013 [Source: HHS]
     [Pie chart. Categories: Portable Media, Network Server, Computer, Laptop, EMR, Paper, E-mail. Slice values: 4.92%, 1.31%, 9.43%, 46.01%, 12.31%, 12.96%, 13.04%.]
     Most breaches: lost/stolen devices
  10. The Most Common HIPAA Breaches
     • Lost and stolen devices and portable media
       – Over 1,000,000 devices lost every week!
       – 22% of employees report they have lost a phone during 2012
     • Employees inappropriately accessing, using, or transmitting PHI
  11. Case Study: Stanford Hospital
     • 06/2013 Stolen laptop: 13,000 patients
     • 01/2013 Stolen laptop: 57,000 patients
     • 07/2012 Stolen laptop: 2,500 patients
     • 09/2011 Accidental online sharing: 20,000 patients
     • 01/2010 Stolen laptop: 500 patients
  12. Top HIPAA File Sharing Risks
     1. Device Loss with Unencrypted PHI
     2. Accidental Sharing of PHI
  13. Top HIPAA File Sharing Risks
     1. Device Loss with Unencrypted PHI
     2. Accidental Sharing of PHI
     3. Unencrypted PHI on Cloud?
  14. Top HIPAA File Sharing Risks
     1. Device Loss with Unencrypted PHI
     2. Accidental Sharing of PHI
     3. Unencrypted PHI on Cloud? Solved by BAA
  15. Top HIPAA File Sharing Risks
     Not Solved by BAA
     1. Device Loss with Unencrypted PHI
     2. Accidental Sharing of PHI
     3. Unencrypted PHI on Cloud? Solved by BAA
  16. [Comparison table. Columns: Dropbox, Box, Google Drive. Rows: Signed BAA; On-device Encryption; Prevent Accidental Sharing; Access Control for On-device Data; End User Experience and Sync; Popularity (Network Effect).]
  17. Ingredients of File Sharing HIPAA Compliance
     1. File encryption on the device
     2. Control access to files with white list
       – People
       – Devices
     3. Audit trail and emergency access
  18. The Solution
     1. Device Loss with Unencrypted PHI
     2. Accidental Sharing of PHI
     3. Unencrypted PHI on Cloud?
     Solved
  19. Sookasa: Shameless Plug
     [Comparison table. Columns: Dropbox, Box, Google Drive, Sookasa + Dropbox. Rows: Signed BAA; On-device Encryption; Prevent Accidental Sharing; Access Control for On-device Data; End User Experience and Sync; Popularity (Network Effect).]
  20. ✓ HIPAA Compliance
     ✓ HITECH Attestation
     ✓ Risk Assessment
     ✓ Omnibus Rule Ready
     ✓ Meaningful Use core measure 15
     Free Demo and 60 Day Evaluation: www.compliancy-group.com
     HIPAA Hotline: 855.85HIPAA (855.854.4722)