Abstract image of a woman sitting on books and studying on a laptop

Week 1 discussion 2 confidentiality final

Download as PPTX, PDF
Lucy Lacy, profile picture
Lucy Lacy

This document outlines the objectives and key points of a privacy and information security awareness course. It discusses laws governing protected health information, such as HIPAA and HITECH. Sensitive information that must be protected includes PHI and PII. Individual responsibilities include maintaining integrity, confidentiality, and availability of information. Incidents like unauthorized access or discussion of sensitive data should be reported. Failure to comply with privacy laws can result in civil or criminal penalties such as fines and imprisonment.

1 of 13
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
PRIVACY & INFORMATION SECURITY AWARNESS Ashford University MHA 690: Health Care Capstone Dr. Sherry Grover May 23, 2013
Course Objectives  Knowledge about the laws that governs the privacy and protection of identifiable health information  Recognize the types of information that must be kept private Recognize your responsibilities to protect privacy when dealing with sensitive information How to protect the privacy of identifiable health information Examples of incidents to report Knowledge of the process for reporting incidents and penalties of non-compliance
Laws and Regulations  Privacy Act of 1974 – Governs the collection, use and distribution o a person’s identifiable information kept in a system of record  Health Insurance Portability & Accountability Act (HIPPA)- law th protects the privacy of ones person’s personal health information  Federal Information Security Management Act (FISMA) – law that requires a risk assessment program, policies and procedures, evaluation of security controls, and provide training of information security to all employees  Health Information Technology for Economic and Clinical Health Act (HITECH) – requires patients to be notified of security breach, funds the adoption of health information technology for organization and enforces HIPPA violation penalties
What to Protect Sensitive information includes both our organizational business information and patients’ private information. Violations can be accidental or purposefully. Do not disclose, modify, or destroy any sensitive information unless you are authorized to do so. Sensitive information includes:  Protected Health Information (PHI) Personal Identifiable Information Internal Business Information
Your Responsibilities to Protect It Information security will be maintained when you ensure the following: Integrity – information is secure and protected from being damaged or altered Confidentiality – information is kept private and not disclosed to those who do not have permission to view it Availability – access to information systems and networks are available to those who have been granted permission
How to Protect It Follow the policies and procedures Only access and view information that is needed for you to do your job Use encrypted email  Do not place sensitive information in trash receptacles Do not discuss sensitive information in public places
Information Security Officer (ISO) Privacy Officer Your Supervisor Who Can Provide Support?
Examples of Incidents Observing someone access records that he/she should not Observing someone change or delete records without proper permission Finding a device with sensitive information Hearing a persons discussing sensitive information to an unauthorized person Accessing mail or email that you should not access
Examples of Incidents Observing someone access records that he/she should not Observing someone change or delete records without proper permission Finding a device with sensitive information Hearing a persons discussing sensitive information to an unauthorized person Accessing mail or email that you should not access
How to Report an Incident Immediately notify your supervisor and ISO of:  Person (s) involved  The time of the incident  What information was shared If the incident is after hours or weekends, you can call the Helpdesk @ 800-877-4327.
Consequences Suspension of access to information systems Disciplinary actions in your personnel file Suspension or job loss Civil or criminal prosecution Fines and/or imprisonment
Civil and Criminal Penalties Destroy records without being authorized - $2000 in fines & 3 years in prison Violation of the Privacy Act - $5000 & 1 year in prison per occurrence Intentional incident - $250,000 fines & 10 years in prison
References All images were from http://www.dreamstime.com/free-photos- images/flowers.html Privacy and Information Security Awareness. Retrieved from: https://www.tms.va.gov Velez, J. (2003). Hippa privacy compliance implications and solutions. Caribbean Business.

More Related Content

PPTX
Week 1 discussion 2 confidentiality
Lucy Lacy
 
PPTX
Confidentially in the workplace
Knighten
 
PPTX
Blodgett MHA 690 W1 D2
Amanda Blodgett
 
PPTX
Hipaa training
Tara Dye
 
PPTX
Mha 690 week 1 discussion presentation
falane
 
PPT
hipaa presentation
Renee Bell
 
PPTX
Administrative safeguards
Melissa President
 
PDF
Mha 690 wk 1 dis 3
akudan
 
Week 1 discussion 2 confidentiality
Lucy Lacy
 
Confidentially in the workplace
Knighten
 
Blodgett MHA 690 W1 D2
Amanda Blodgett
 
Hipaa training
Tara Dye
 
Mha 690 week 1 discussion presentation
falane
 
hipaa presentation
Renee Bell
 
Administrative safeguards
Melissa President
 
Mha 690 wk 1 dis 3
akudan
 

What's hot (16)

PPTX
Privacy and confidentiality
scarollo
 
PPTX
Hipaa in the era of ehr mo dept hss
learfield
 
DOCX
Data protection policy alex clapson 20-11-17
Alex Clapson
 
PPTX
Confidentiality Training
ridley27
 
PPTX
Presentation5
Hana Tsege
 
PPTX
Hippa presentation
ramona kelley
 
PPTX
Hipaa training by p. lynch
plynch2012
 
PPTX
Confidentiality and you
yola121
 
PPTX
Hippa training 2017
Ashley Valenzuela
 
PPT
Confidentiality Rules
kholman1
 
PPT
What is HIPAA
Latonya Owens
 
PPT
What is HIPAA
Latonya Owens
 
PDF
Do You Know How to Handle a HIPAA Breach?
Compliancy Group
 
PDF
HIPAA Compliance Checklist
Leigh-Ann Renz
 
PPT
Hippa
kimgeorgelong08
 
PDF
Hipaa journal com - HIPAA compliance guide
Felipe Prado
 
Privacy and confidentiality
scarollo
 
Hipaa in the era of ehr mo dept hss
learfield
 
Data protection policy alex clapson 20-11-17
Alex Clapson
 
Confidentiality Training
ridley27
 
Presentation5
Hana Tsege
 
Hippa presentation
ramona kelley
 
Hipaa training by p. lynch
plynch2012
 
Confidentiality and you
yola121
 
Hippa training 2017
Ashley Valenzuela
 
Confidentiality Rules
kholman1
 
What is HIPAA
Latonya Owens
 
What is HIPAA
Latonya Owens
 
Do You Know How to Handle a HIPAA Breach?
Compliancy Group
 
HIPAA Compliance Checklist
Leigh-Ann Renz
 
Hippa
kimgeorgelong08
 
Hipaa journal com - HIPAA compliance guide
Felipe Prado
 
Ad

Viewers also liked (10)

PDF
1st isaca conference program
George Papoulias
 
PPTX
Security in HR... How secure are your files, really?
Chapelle Ryon
 
PDF
CONFIDENTIALITY AGREEMENT - Contract Template and Sample
Global Negotiator
 
PPT
Non-Disclosure Agreement: key points
Legal artviser
 
PPTX
Fraud Prevention - St. Louis - March 6, 2015
Ron Steinkamp
 
DOCX
Nondisclosure Agreements (Training Notes and Template)
Cameron Sellers
 
PDF
WEBINAR - A New Era in HR Security for SAP
UL Transaction Security
 
PDF
CERT - EXXONMOBIL - CYBER SECURITY AWARNESS
Maria Raju
 
PDF
Fadi Mutlak - Information security governance
nooralmousa
 
PPT
Organization Management, business presentations
http://www.drawpack.com
 
1st isaca conference program
George Papoulias
 
Security in HR... How secure are your files, really?
Chapelle Ryon
 
CONFIDENTIALITY AGREEMENT - Contract Template and Sample
Global Negotiator
 
Non-Disclosure Agreement: key points
Legal artviser
 
Fraud Prevention - St. Louis - March 6, 2015
Ron Steinkamp
 
Nondisclosure Agreements (Training Notes and Template)
Cameron Sellers
 
WEBINAR - A New Era in HR Security for SAP
UL Transaction Security
 
CERT - EXXONMOBIL - CYBER SECURITY AWARNESS
Maria Raju
 
Fadi Mutlak - Information security governance
nooralmousa
 
Organization Management, business presentations
http://www.drawpack.com
 
Ad

Similar to Week 1 discussion 2 confidentiality final (20)

PPTX
Week 1 discussion 2 confidentiality
Lucy Lacy
 
PPT
Legal and ethical considerations in nursing informatics
AHMED ZINHOM
 
PPTX
Confidentiality and information security33.pptx
fahmyahmed789
 
PDF
Crowdsurf - HIPAA & FERPA Data Privacy Training.pdf
axeneqer
 
PPT
Training on confidentiality MHA690 Hayden
haydens
 
DOCX
Chapter 5HIPAA and HITECHLearning ObjectivesUnde
WilheminaRossi174
 
PDF
STUCOR_CS8792-LL.pdf
503SaranyaS
 
PPTX
Confidentiality
Ellen Forsström
 
PPTX
Training innovations information governance slideshare 2015
Patrick Doyle
 
PPTX
Data security training
carmelaangelica
 
PPTX
Presentation hippa
maggie_Platt
 
PPTX
Hippa final JU nursing informatics
kmcanty
 
DOCX
Confidentiality 9.26.13
pneville0629
 
PPTX
Marc etienne week1 discussion2 presentation
MarcEtienne6
 
PDF
HIPAA Compliance For Small Practices
Nisos Health
 
PPT
Objective 5 legal consideration in NIS.ppt
ZariabJohn
 
PDF
Workplace Investigations - Safeguarding Sensitive Information with Care.pdf
Lisa Bell
 
DOCX
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
christinemaritza
 
PPTX
UCLA compliance training
TCromwell01
 
PPT
Mha690 wk 1 fletcher
Emed32
 
Week 1 discussion 2 confidentiality
Lucy Lacy
 
Legal and ethical considerations in nursing informatics
AHMED ZINHOM
 
Confidentiality and information security33.pptx
fahmyahmed789
 
Crowdsurf - HIPAA & FERPA Data Privacy Training.pdf
axeneqer
 
Training on confidentiality MHA690 Hayden
haydens
 
Chapter 5HIPAA and HITECHLearning ObjectivesUnde
WilheminaRossi174
 
STUCOR_CS8792-LL.pdf
503SaranyaS
 
Confidentiality
Ellen Forsström
 
Training innovations information governance slideshare 2015
Patrick Doyle
 
Data security training
carmelaangelica
 
Presentation hippa
maggie_Platt
 
Hippa final JU nursing informatics
kmcanty
 
Confidentiality 9.26.13
pneville0629
 
Marc etienne week1 discussion2 presentation
MarcEtienne6
 
HIPAA Compliance For Small Practices
Nisos Health
 
Objective 5 legal consideration in NIS.ppt
ZariabJohn
 
Workplace Investigations - Safeguarding Sensitive Information with Care.pdf
Lisa Bell
 
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
christinemaritza
 
UCLA compliance training
TCromwell01
 
Mha690 wk 1 fletcher
Emed32
 

Week 1 discussion 2 confidentiality final

  • 1. PRIVACY & INFORMATION SECURITY AWARNESS Ashford University MHA 690: Health Care Capstone Dr. Sherry Grover May 23, 2013
  • 2. Course Objectives  Knowledge about the laws that governs the privacy and protection of identifiable health information  Recognize the types of information that must be kept private Recognize your responsibilities to protect privacy when dealing with sensitive information How to protect the privacy of identifiable health information Examples of incidents to report Knowledge of the process for reporting incidents and penalties of non-compliance
  • 3. Laws and Regulations  Privacy Act of 1974 – Governs the collection, use and distribution o a person’s identifiable information kept in a system of record  Health Insurance Portability & Accountability Act (HIPPA)- law th protects the privacy of ones person’s personal health information  Federal Information Security Management Act (FISMA) – law that requires a risk assessment program, policies and procedures, evaluation of security controls, and provide training of information security to all employees  Health Information Technology for Economic and Clinical Health Act (HITECH) – requires patients to be notified of security breach, funds the adoption of health information technology for organization and enforces HIPPA violation penalties
  • 4. What to Protect Sensitive information includes both our organizational business information and patients’ private information. Violations can be accidental or purposefully. Do not disclose, modify, or destroy any sensitive information unless you are authorized to do so. Sensitive information includes:  Protected Health Information (PHI) Personal Identifiable Information Internal Business Information
  • 5. Your Responsibilities to Protect It Information security will be maintained when you ensure the following: Integrity – information is secure and protected from being damaged or altered Confidentiality – information is kept private and not disclosed to those who do not have permission to view it Availability – access to information systems and networks are available to those who have been granted permission
  • 6. How to Protect It Follow the policies and procedures Only access and view information that is needed for you to do your job Use encrypted email  Do not place sensitive information in trash receptacles Do not discuss sensitive information in public places
  • 7. Information Security Officer (ISO) Privacy Officer Your Supervisor Who Can Provide Support?
  • 8. Examples of Incidents Observing someone access records that he/she should not Observing someone change or delete records without proper permission Finding a device with sensitive information Hearing a persons discussing sensitive information to an unauthorized person Accessing mail or email that you should not access
  • 9. Examples of Incidents Observing someone access records that he/she should not Observing someone change or delete records without proper permission Finding a device with sensitive information Hearing a persons discussing sensitive information to an unauthorized person Accessing mail or email that you should not access
  • 10. How to Report an Incident Immediately notify your supervisor and ISO of:  Person (s) involved  The time of the incident  What information was shared If the incident is after hours or weekends, you can call the Helpdesk @ 800-877-4327.
  • 11. Consequences Suspension of access to information systems Disciplinary actions in your personnel file Suspension or job loss Civil or criminal prosecution Fines and/or imprisonment
  • 12. Civil and Criminal Penalties Destroy records without being authorized - $2000 in fines & 3 years in prison Violation of the Privacy Act - $5000 & 1 year in prison per occurrence Intentional incident - $250,000 fines & 10 years in prison
  • 13. References All images were from http://www.dreamstime.com/free-photos- images/flowers.html Privacy and Information Security Awareness. Retrieved from: https://www.tms.va.gov Velez, J. (2003). Hippa privacy compliance implications and solutions. Caribbean Business.