Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014

•Download as PPTX, PDF•

3 likes•1,692 views

David Harlow

Technology Sports

Photo: CC: http://www.flickr.com/photos/aigle_dore/6672141083

HIPAA Highlights
PHI
CE
BA
Breach Notification
•Patients
•Government
•Press (>500)
Enforcement (OCR/AGs)
•BA Primary Liability
•Downstream responsibility
•Audits, Complaint
Investigations, Fines
TPO
BAA
NPP
Authorization/Consent
Security
•Administrative
•Technical
•Physical
•>> Risk Assessment
Privacy
•Minimum Necessary for TPO
•Patient Access
•Opt-In for Research,
Marketing, Fundraising

Deidentification
Photo: CC: http://www.flickr.com/photos/hape_gera/3281625420

State Rules on
Data Privacy
Including
“Sensitive” Health Data

for contact info
txt dharlow to 50500
or scan the QR code
harlowgroup.net
healthblawg.com
twitter.com/healthblawg
david@harlowgroup.net
Thank You
David Harlow JD MPH
THE HARLOW GROUP LLC

In this presentation at #StrataRx 2013 I explore the notion of building big data analytics on top of a data store populated by health record information obtained as a result of patient requests. Why? Because doing it that way would bring the data out from under HIPAA and HITECH regulations. Patients could contribute as much or as little of the data as they wish, patients could be compensated for their contributions, and other pesky HIPAA restrictions would fall by the wayside. I used one company's newly-announced service as an example, but there are others in this space as well. See livetweets of presentation at: http://www.healthblawg.com/2013/09/david-harlows-hipaa-and-hitech-presentation-at-stratarx.html Press coverage of this presentation: Solving Healthcare's Big Data Analytics Security Conundrum - CIO.com – http://shrd.by/8qCxmo

Week 1 discussion 2 hipaa

MADOZI4671

Appointment Reminders, Patient Marketing, HIPAA and You

David Harlow

Beyond HIPAA: Digital Health Opportunities & Regulatory Land Mines

David Harlow

Keeping Your Edge: Managing Social Media While Protecting Privacy and Securit...David Harlow

Give the People What They Want: Authentic Interaction and Compliant Communica...

David Harlow

Many women wear fitness trackers, use period tracking software, and geo tag photos on their phone without thinking about the data ever being used against them. But in a world where states are now exploring private citizen bounties against women suspected of receiving abortions, could the digital trails you create be used against you? Privacy leaks through fitness tech are nothing new -see the secret military bases exposed by Strava a few years ago. But now the confluence of health trackers which record a woman’s body temperature (Oura rings), their locations (maybe you logged a walk in a new city with Apple Fitness), and even period tracking applications can be used to implicate women, even if they just missed periods due to stress, took a work trip to a city, or any other benign reason. What legal and technical protections are in place to shield women from a techno-dystopia in a post-Roe world?

Phi masella

Denise Masella

PROTECTED HEALTH INFORMATION_PATIENT PRIVACY

Denise Masella

PSOW 2016 - HIPAA Compliance for EMS Community

PSOW

The real reason why physicians must comply with HIPAA. What the government do...

CureMD

Patient confidentiality.pptchwiso8418

iHT2 Health IT Summit in Austin 2012 – Deborah C. Peel, MD, Founder and Chai...

Health IT Conference – iHT2

Mha690 hipaa minimum necessary week 1

CynthiaRaccio

The Basics of HIPAA

DamianKnowles1

THCS Workforce HIPAA Training

kerbertx

Patient Privacy Provisions of the HITECH Act Implications for Patients and Sm...

Xiaoming Zeng

Protected health information

miszkeeta

Understanding patient privacy 1

Jonsie12

Mha690 wk 1 fletcherEmed32

Patient confidentiality power pointchwiso8418

Patient confidentiality

chwiso8418

Patient confidentiality power pointchwiso8418

MHA 690 week 2 discussin

Brooke A Thomas

David Harlow Patients 2.0 - Privacy in Digital Health

David Harlow

Telemedicine challenges and opportunities slidecast

David Harlow

Similar to Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014

Digital Health: Apps, Analytics & Agencies

David Harlow

Healthcare IT: Security Risks & Regulations

CHIPS Technology Group

Weaponizing Your Fitness Tracker Against You_ Health, Fitness, & Location Tra...

Wendy Knox Everette

Phi masella

Denise Masella

PROTECTED HEALTH INFORMATION_PATIENT PRIVACY

Denise Masella

PSOW 2016 - HIPAA Compliance for EMS Community

PSOW

The real reason why physicians must comply with HIPAA. What the government do...

CureMD

Patient confidentiality.pptchwiso8418

iHT2 Health IT Summit in Austin 2012 – Deborah C. Peel, MD, Founder and Chai...

Health IT Conference – iHT2

Mha690 hipaa minimum necessary week 1

CynthiaRaccio

The Basics of HIPAA

DamianKnowles1

THCS Workforce HIPAA Training

kerbertx

Patient Privacy Provisions of the HITECH Act Implications for Patients and Sm...

Xiaoming Zeng

Protected health information

miszkeeta

Understanding patient privacy 1

Jonsie12

Mha690 wk 1 fletcherEmed32

Patient confidentiality power pointchwiso8418

Patient confidentiality

chwiso8418

Patient confidentiality power pointchwiso8418

MHA 690 week 2 discussin

Brooke A Thomas

Similar to Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014 (20)

Digital Health: Apps, Analytics & Agencies

Healthcare IT: Security Risks & Regulations

Weaponizing Your Fitness Tracker Against You_ Health, Fitness, & Location Tra...

Phi masella

PROTECTED HEALTH INFORMATION_PATIENT PRIVACY

PSOW 2016 - HIPAA Compliance for EMS Community

The real reason why physicians must comply with HIPAA. What the government do...

Patient confidentiality.ppt

iHT2 Health IT Summit in Austin 2012 – Deborah C. Peel, MD, Founder and Chai...

Mha690 hipaa minimum necessary week 1

The Basics of HIPAA

THCS Workforce HIPAA Training

Patient Privacy Provisions of the HITECH Act Implications for Patients and Sm...

Protected health information

Understanding patient privacy 1

Mha690 wk 1 fletcher

Patient confidentiality power point

Patient confidentiality

Patient confidentiality power point

MHA 690 week 2 discussin

More from David Harlow

David Harlow Patients 2.0 - Privacy in Digital Health

David Harlow

Telemedicine challenges and opportunities slidecast

David Harlow

Telemedicine: Challenges and Opportunities

David Harlow

MCLE Health Law Basics Plus 2013 - Post-Acute Care

David Harlow

Accountable Care Organizations - The Camel's Nose Is In the TentDavid Harlow

Health Care Social Media - Getting Started Without Getting In TroubleDavid Harlow

Health Care Social Media - An Introduction to Engaging Intelligently and Legally

David Harlow

Learn more about the value of social media tools, the range of issues they present, and some key strategies for using these tools effectively while steering clear of trouble by social media expert and charter member of the Advisory Board of the Mayo Clinic Center for Social Media, David Harlow. Engage David Harlow as a keynote speaker or consultant to your organization: http://bit.ly/tgQhmU One recent review: '@healthblawg is so good I just tend to listen vs tweet' You may purchase the audio and a transcript of this webinar at http://bit.ly/uqBiBi

AHLA Annual Meeting 2011 Social Media for Lawyers by David HarlowDavid Harlow

AHLA Annual Meeting 2011 Social Media Legal Marketing Resources by David HarlowDavid Harlow

Health Care Social Media for Medical Device Manufacturers - FDA - Presentatio...

David Harlow

Social media-legal-marketing-harlow-bln-04272011David Harlow

Payment Reform and ACOs

David Harlow

Atrius ACO Presentation

David Harlow

Health Care Social Media - The Lawyers Don't Always Say No

David Harlow

Marketing and Branding Your Legal Practice Using Social Media

David Harlow

Marketing and Branding Your Legal Practice Using Social Media - Mass Bar Assn...

David Harlow

Social Media In Health Care Legal Issues

David Harlow

David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209

David Harlow

Retail Health Clinic Summit 2009 - The Massachusetts Experience and Lessons L...David Harlow

HIPAA and Son of HIPAA - Notes from HealthCamp Boston UnconferenceDavid Harlow

More from David Harlow (20)

David Harlow Patients 2.0 - Privacy in Digital Health

Telemedicine challenges and opportunities slidecast

Telemedicine: Challenges and Opportunities

MCLE Health Law Basics Plus 2013 - Post-Acute Care

Accountable Care Organizations - The Camel's Nose Is In the Tent

Health Care Social Media - Getting Started Without Getting In Trouble

Health Care Social Media - An Introduction to Engaging Intelligently and Legally

AHLA Annual Meeting 2011 Social Media for Lawyers by David Harlow

AHLA Annual Meeting 2011 Social Media Legal Marketing Resources by David Harlow

Health Care Social Media for Medical Device Manufacturers - FDA - Presentatio...

Social media-legal-marketing-harlow-bln-04272011

Payment Reform and ACOs

Atrius ACO Presentation

Health Care Social Media - The Lawyers Don't Always Say No

Marketing and Branding Your Legal Practice Using Social Media

Marketing and Branding Your Legal Practice Using Social Media - Mass Bar Assn...

Social Media In Health Care Legal Issues

David Harlow on Social Media In Health Care Legal Issues - OHA PRMS 111209

Retail Health Clinic Summit 2009 - The Massachusetts Experience and Lessons L...

HIPAA and Son of HIPAA - Notes from HealthCamp Boston Unconference

Recently uploaded

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

By Design, not by Accident - Agile Venture Bolzano 2024

Pierluigi Pugliese

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

Pushing the limits of ePRTC: 100ns holdover for 100 days

Adtran

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

20240605 QFM017 Machine Intelligence Reading List May 2024

Matthew Sinclair

Free Complete Python - A step towards Data Science

RinaMondal9

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Paige Cruz

Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack. While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack. I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:

Recently uploaded (20)

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

FIDO Alliance Osaka Seminar: Overview.pdf

GraphRAG is All You need? LLM & Knowledge Graph

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

UiPath Test Automation using UiPath Test Suite series, part 4

By Design, not by Accident - Agile Venture Bolzano 2024

Elizabeth Buie - Older adults: Are we really designing for our future selves?

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

DevOps and Testing slides at DASA Connect

Essentials of Automations: The Art of Triggers and Actions in FME

Pushing the limits of ePRTC: 100ns holdover for 100 days

Epistemic Interaction - tuning interfaces to provide information for AI support

Removing Uninteresting Bytes in Software Fuzzing

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

Introduction to CHERI technology - Cybersecurity

20240605 QFM017 Machine Intelligence Reading List May 2024

Free Complete Python - A step towards Data Science

The Art of the Pitch: WordPress Relationships and Sales

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014

1. Dancing With HIPAA Follow my lead and you’ll be OK David Harlow JD MPH THE HARLOW GROUP LLC blog • healthblawg.com twitter • @healthblawg

2. Photo: CC: http://www.flickr.com/photos/aigle_dore/6672141083

3. HIPAA Highlights PHI CE BA Breach Notification •Patients •Government •Press (>500) Enforcement (OCR/AGs) •BA Primary Liability •Downstream responsibility •Audits, Complaint Investigations, Fines TPO BAA NPP Authorization/Consent Security •Administrative •Technical •Physical •>> Risk Assessment Privacy •Minimum Necessary for TPO •Patient Access •Opt-In for Research, Marketing, Fundraising

4. Wall of Shame

5. Deidentification Photo: CC: http://www.flickr.com/photos/hape_gera/3281625420

6. thedatamap.org

7. It’s not ALL about HIPAA

8. FTC Breach Notification Rule for PHRs

9. State Rules on Data Privacy Including “Sensitive” Health Data

10. Lockdown vs. Open Door

11. Clear Expectations => No Surprises

12. The Inevitability of Digital Health

13. Photo: CC: http://www.flickr.com/photos/aigle_dore/6672141083

14. for contact info txt dharlow to 50500 or scan the QR code harlowgroup.net healthblawg.com twitter.com/healthblawg david@harlowgroup.net Thank You David Harlow JD MPH THE HARLOW GROUP LLC

Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014

Recommended

Recommended

More Related Content

Similar to Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014

Similar to Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014 (20)

More from David Harlow

More from David Harlow (20)

Recently uploaded

Recently uploaded (20)

Dancing With HIPAA (HxRefactored 2014) David Harlow 05 14 2014