HIPAA and E-Mail: Protecting PHI. Maurene Caplan Grey, Founder, Principal Analyst
HIPAA “101”
Today’s Topics
Healthcare Industry Evolution: Targeted treatments; Focus on wellness; Customer is the consumer. Mass market treatment; Focus on illness; Customer is the doctor.
Increasing Self-Management via E-Mail
Physicians, Pharmacists, Peers… Patient = Consumer
I wonder if I have diabetes? What more can I find out? What are other people doing to control it? Is this serious? Do I need a checkup?
Physician resistance to communicating with patients via e-mail is decreasing.
Agree: 50 respondents (67.7%). Disagree: 24 respondents (32.43%).
Source: Health Data Management Magazine, “Quick Poll,” 9 Sept 2005
Using an Online Consultation System for Self-Management
PHI within the Healthcare Community: Patient’s PHI stored as record by the hospital; PHI sent to lab; Insurance company stores patient record; Lab report sent to doctor; Hospital MD gathers PHI from patient; Invoice sent to patient’s healthcare insurance
The New Healthcare Community: Suppliers, Providers, Payers, Employers, Government, Consumers, Physicians, Life Sciences
Today’s Topics
Why Security and Privacy Policies Fail: Rulings are ambiguous and untested; Poor or no business processes; Social engineering; Wrong technology; Right technology, poorly implemented; No auditing; Lack of user training; Poor or no governance; Rulings change; Fraud; “Lost” PHI (local hard drives, cache, memory sticks, PDAs, smart phones, server storage, application data stores…)
Approach 1: Gateway. 1) File uploads to gateway. 2) E-mail sent to recipient with URL that points to file. 3) Recipient clicks on URL, authenticates to the gateway and downloads file. Often used for ad hoc relationships.
Approach 2: End-to-End, Gateway. 1) File sent to gateway. 2) E-mail sent to recipient with URL that points to file. 3) Recipient clicks on URL, authenticates to gateway and downloads file. Often used for ad hoc relationships, where extra security is required. Commercial PGP, OpenPGP, S/MIME …
Approach 3: Gateway-to-Gateway. Sender, Recipient: sender’s gateway to recipient’s gateway. Often used for trusted relationships.
Approach 4: End-to-End, Gateway-to-Gateway. Sender, Recipient: sender’s gateway to recipient’s gateway. Often used for trusted relationships, where extra security is required. Commercial PGP, OpenPGP, S/MIME …
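The three steps shared by Approaches 1 and 2, sketched as an added example that is not part of the original slides. The class name, the example.org URL, the addresses and the password-based sign-in are all assumptions (the slides do not say how the recipient authenticates), and the end-to-end encryption layer of Approach 2 is not shown.

```python
import hashlib
import hmac
import secrets
from email.message import EmailMessage

GATEWAY_URL = "https://gateway.example.org/pickup/"  # assumed placeholder host


class PickupGateway:
    """In-memory stand-in for the gateway (hypothetical, not a real product)."""

    def __init__(self):
        self._files = {}      # token -> (intended recipient, payload)
        self._pw_hashes = {}  # recipient -> (salt, derived key)
        self.audit = []       # (event, recipient); the deck lists "No auditing" as a failure cause

    @staticmethod
    def _kdf(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def enroll(self, recipient, password):
        salt = secrets.token_bytes(16)
        self._pw_hashes[recipient] = (salt, self._kdf(password, salt))

    def upload(self, recipient, payload):
        """Step 1: the file goes to the gateway and never travels by e-mail."""
        token = secrets.token_urlsafe(32)  # unguessable, yet grants nothing by itself
        self._files[token] = (recipient, payload)
        self.audit.append(("upload", recipient))
        return token

    def notify(self, sender, recipient, token):
        """Step 2: the e-mail carries only the URL, no PHI in subject or body."""
        msg = EmailMessage()
        msg["From"], msg["To"] = sender, recipient
        msg["Subject"] = "A secure message is waiting for you"
        msg.set_content("Sign in to retrieve it: " + GATEWAY_URL + token)
        return msg

    def download(self, token, recipient, password):
        """Step 3: the recipient authenticates to the gateway, then downloads."""
        owner, payload = self._files.get(token, (None, None))
        salt, stored = self._pw_hashes.get(recipient, (b"", b""))
        ok = (
            owner == recipient          # the URL is bound to one intended recipient
            and stored != b""           # recipient must be enrolled
            and hmac.compare_digest(stored, self._kdf(password, salt))
        )
        self.audit.append(("download" if ok else "denied", recipient))
        if not ok:
            raise PermissionError("authentication to gateway failed")
        return payload
```

A forwarded or intercepted notification exposes only the link: the download still fails for anyone who cannot sign in as the intended recipient, and each attempt lands in the audit list.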
Scenario: University with Teaching Hospital. Training
What You Need To Do Now – People and Business
What You Need To Do Now – Technology
For further information on this topic, contact Grey Consulting: [email_address], 845.531.5050, www.grey-consulting.com. Making messaging and collaboration work.
