The Task Force. The Paperless Future Is Here! Goals & Objectives. Is it really time to go paperless? 7/13/2015

Size: px
Start display at page:

Download "The Task Force. The Paperless Future Is Here! Goals & Objectives. Is it really time to go paperless? 7/13/2015"

Transcription

1 The Task Force The Paperless Future Is Here! Sandy Bunch VanderPol, FAPR, RMR, CRR, RSA Credentialed Anthony Frisolone, FAPR, RDR, CRR, RSA Credentialed Jason Meadors, FAPR, RPR, CRR Appointed by President Nancy Varallo in 2014 Co-Chairs: Sandy VanderPol, Lotus, CA (appointed 2014) Jim DeCrescenzo, Philadelphia, PA (appointed 2014) Members: Anthony Frisolone, Member Allison Kimmel, Member Jim Woitalla, Member Susan Garvin, Member Board Liaison: Tami Keenan, Immediate Past President Staff Liaison: Irene Cahill, Director, Information Services and Research Goals & Objectives Is it really time to go paperless? Present the report of the task force. Explain how the task force reached its conclusions regarding best practices in the paperless environment. Obtain feedback from the audience. Answers questions. Integrate COPE (Code of Professional Ethics) into this topic. 1

2 Disclaimer Charge #2 THIS BEST PRACTICES DOCUMENT REFLECTS THE OPINIONS OF THE MEMBERS OF NCRA S 2014 PAPERLESS (and approved by the NCRA BOD) FUTURE TASK FORCE AND FOLLOWS THE STATUS OF THE LAW IN MOST JURISDICTIONS. MEMBERS ARE ENCOURAGED TO CONFORM TO THE ACCEPTED PRACTICES SET FORTH IN THIS PUBLIC DOCUMENT TO THE EXTENT THAT SUCH PRACTICES ARE CONSISTENT WITH THEIR OWN APPLICABLE STATE AND LOCAL LAWS, RULES AND REGULATIONS. Create new how-to documents and articles regarding digital and electronic signatures, and make this information available as a NCRA member resource. Charge #2 Digital and Electronic Signatures Definition of Digital Signature: Digital signatures take the concept of traditional paper-based signing and turn it into a digital coded message or fingerprint. This fingerprint is unique to both the document and the signer. The digital signature ensures that the signee is indeed the originator of the message. Changes made after the document is signed are noted. Charge #2 Digital and Electronic Signatures Definition of Electronic Signature: An electronic signature is a representation of a person in the form of a digitized image of his or her handwritten signature. It is typically attached to an electronic document or transaction and can be copied. Taken from Stenograph Corporation website 2

3 What is a Digital Signature? Freelance Reporters Obtain a Digital Signature certificate. Digitally and electronically sign your final transcript in PDF, and send it to the reporting firm. The reporter s certificate page should include the number of pages embodied within the transcript. Freelance Reporters Follow HIPAA procedures when submitting a transcript that is bound by HIPAA regulations. Always use a secure network when backing up your data (HIPAA data) to the cloud. Print the certificate page from the reporter s electronically signed transcript. Provide a secure method for the reporter to electronically deliver the transcript. Notify the reporter if changes/corrections are/may be necessary before sending to the client. Provide the reporter with a digital copy of the deponent s corrections. 3

4 Provide a HIPAA-compliant delivery mechanism to the reporter when submitting transcripts that fall under HIPAA mandates. Always use a secure network when backing up your data (HIPAA data) to the cloud. Official Reporters Obtain a Digital Signature certificate. If you are providing a paperless trial transcript only, discuss with the lawyers whether a digitally-signed PDF transcript file will suffice. Digitally and electronically sign your final transcript in PDF, and send it to the trial attorneys. Are Digital Signatures Legal? Digital Signature articles Digital Signature articles Go to and search for "digital signatures." Just the top three hits: - NCRA Tech CoI: "Digital Signatures" 0c14c541731e.pdf - "Digital Signatures in Plain English" - "Why You Need A Digital Signature Now" And the hits keep coming after that. 4

5 COPE Advisory Opinion #19 Statement of Facts The purpose of this opinion is to guide members regarding certification of hard copy and electronic transcripts as well as the electronic transmission of transcripts. COPE Advisory Opinion #19 The Public and the legal community must have absolute faith in the reporter s certification that the record is true and accurate. No act could undermine the profession more than false certification of a record. When a reporter submits a written record of a proceeding electronically or in any other manner and knowingly allows someone to attach or incorporate a generic pre-signed certificate not specifically prepared for that record, the reporter is abdicating the responsibilities mandated by the Code of Professional Ethics Provisions 3, 4, 5 and 9. COPE Advisory Opinion #19 Finally, the Committee concludes that in addition to the above requirements related to certifying a transcript, every reporter must make a good faith effort to ensure the security of the information contained in a transcript that is electronically transmitted by the reporter. Charge #3 Compile a list of the most common issues surrounding private or sensitive information and work with NCSA to learn more about how redaction is handled on a local level. Once the list is compiled, create best practice solutions for these issues, develop a plan for educating the community, and implement the plan over the year. The discussion should include HIPAA-II compliance and security of the information transmitted via the cloud and third-party vendors. The committee should also consider getting a legal opinion from counsel regarding the impact of HIPAA-II. 5

6 Charge #3 HIPAA What Does it Stand For? Charge #3 - HIPAA Few Federal Rules have created more changes in the court reporting community than the Health Insurance Portability and Accountability Act (HIPAA.) As the nation moves from paper to electronic health records, HIPAA was enacted to standardize certain electronic transactions related to health care. Protecting the privacy of individuals health information is now the responsibility of every entity that comes into contact with that information. Charge #3 - HIPAA HIPAA is a comprehensive Act that includes: A Security Rule (45 CFR 164.3) Breach Notification Rule (45 CFR 164.4) Privacy Rule (45 CFR 164.5) Enforcement Rule (45 CFR ). The details and obligations of these Rules are extensive and beyond the capacity of this Task Force to interpret. Charge #3 - HIPAA Recognizing the complexity of the obligations placed upon court reporters handling Protected Health Information (PHI), NCRA engaged Patton Boggs, LLP to issue a HIPAA Overview & Educational Material for Member Distribution ( ) memorandum. The memorandum can be found at and should guide the actions of court reporters. 6

7 Charge #4 Create a best practices document that addresses the storage and security of electronic court reporter documents (transcripts and exhibits). This should also include metrics for how to prepare for disaster recovery. This applies to freelancers, officials, and firm owners. Freelance Reporters Practice redundant backup for transcript files and exhibits. Back up in four formats: PDF with digital and electronic signatures, ASCII, PDF/A complaint, and a zipped folder of your CAT files steno notes, transcript, case/job dictionary, Brief-It suggestions, user settings, etc. At least one backup option should be in the cloud backup drives can fail. Freelance Reporters Back up often weekly at minimum, or have an automatic cloud backup running in the background. Store your backup drives in a safe and secure place with each drive in a different location. Back up your HIPAA-sensitive transcript files using encryption software. Back up exhibits files, if available, from the firm. Freelance Reporters The writer and its backups should not be the only thing the reporter relies on. Write realtime to an external computer or use a digital record backup. If the writer malfunctions and loses the data, an external backup is the only way to reconstruct it. For highly sensitive depositions, encrypting the computer may be deemed necessary. 7

8 Practice redundant backup for transcript files and exhibits. Back up in four formats: PDF with digital and electronic signatures, ASCII, PDF/A complaint, and a zipped folder of your CAT files steno notes, transcript, case/job dictionary, Brief-It suggestions, user settings, etc. At least one backup option should be in the cloud backup drives can fail. Back up often weekly at minimum or have an automatic cloud backup running in the background. Store your portable backup drives, if used, in a safe and secure place with each drive in a different location. Back up your HIPAA-sensitive transcript files using encryption software. The writer and its backups should not be the only thing the reporter relies on. Write realtime to an external computer or use a digital record backup. If the writer malfunctions and loses the data, an external backup is the only way to reconstruct it. For highly sensitive depositions, encrypting the computer may be deemed necessary. Confirm that your servers meet the minimum security requirements. Provide a link or access of each deposition s digital exhibits to the reporter. Develop and maintain a disaster recovery plan. 8

9 The writer and its backups should not be the only thing the reporter relies on. Write realtime to an external computer or use a digital record backup. If the writer malfunctions and loses the data, an external backup is the only way to reconstruct it. For highly sensitive depositions, encrypting the computer may be deemed necessary. Official Reporters Practice redundant backup for transcript files and exhibits. Back up in four formats: PDF with digital and electronic signatures, ASCII, PDF/A complaint, and a zipped folder of your CAT files steno notes, transcript, case/job dictionary, Brief-It suggestions, user settings, etc. At least one backup option should be in the cloud backup drives can fail. Official Reporters Back up often weekly at minimum, or have an automatic cloud backup running in the background. Store your backup drives in a safe and secure place with each drive in a different location. Create a disaster recovery plan, either together with the entire court reporting staff of the court, or with the Clerk of court, and file the plan with the Clerk of court. COPE (General Guidelines) In making the official record, a Member should: Preserve the shorthand notes in accordance with statute or court order, or otherwise for a period of no less than five (5) years through storage of the original paper notes or an electronic copy of either the shorthand notes or the English transcript of the notes on computer disks, cassettes, backup tape systems, or optical or laser disk systems. 9

10 Charge #5 Paperless Writing Systems & Backups Create a best practices document for reporters who use paperless writing systems. These best practices will help members back up their data in a paperless environment and avoid data loss. Paperless Writing Systems & Backups Steno writing devices should have at least two backup features (one of which can be your computer). The writer s charger should be available during the job, should the battery get low. If not writing realtime to a computer, confirm that the notes have been stored onto one of the writer s backup sources before turning it off. Paperless Writing Systems & Backups Consult the vendor s user manual to know how to back up notes directly from writer to USB thumb drive. Carry additional backup sources, such as SD card(s), USB thumb drive(s), should the one in the writer (or the writer itself) malfunction. Keep and/or transport the backup media separate from the writer. Paperless Writing Systems & Backups Confirm a cloud storage company s policies on encryption and Consult the vendor s user manual to know how to back up notes directly from writer to USB thumb drive. Carry additional backup sources, such as SD card(s), USB thumb drive(s), should the one in the writer (or the writer itself) malfunction. 10

11 Paperless Writing Systems & Backups Charge #1 Keep and/or transport the backup media separate from the writer. Security many popular sites, including Dropbox and GoogleDrive, can decrypt files at any time or reserve the right to use content stored on their sites. Identify both the pros and cons for alternative cost models character count, universal transcript format, and hourly. Based on this information, recommend to the NCRA Board whether or not the Association is the appropriate organization to explore a new model or if it should be left to the states instead. This charge is investigative only based on current models based on current state statutes and the freelance field. 11

Using Cloud Technology to Your Advantage

Using Cloud Technology to Your Advantage Using Cloud Technology to Your Advantage About the Presenter Sandy Bunch VanderPol, FAPR, RMR, CRR, CSR #3032 Currently a Freelance Deposition Reporter Roadmap What is Cloud Computing? Why should you use

More information

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Note: Information provided to NCRA by Melodi Gates, Associate with Patton Boggs, LLC Privacy and data protection

More information

Ethical Considerations for Lawyers Using the Cloud

Ethical Considerations for Lawyers Using the Cloud Ethical Considerations for Lawyers Using the Cloud Presentation by Peter J. Guffin, Esq. Pierce Atwood LLP pguffin@pierceatwood.com (207) 791-1199 Maine State Bar Association Summer Meeting June 22, 2012

More information

By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN

By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN Major Changes to HIPAA Security and Privacy Rules Enacted in Economic Stimulus Package By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN The HITECH Act is the

More information

BUSINESS ASSOCIATE AGREEMENT ( BAA )

BUSINESS ASSOCIATE AGREEMENT ( BAA ) BUSINESS ASSOCIATE AGREEMENT ( BAA ) Pursuant to the terms and conditions specified in Exhibit B of the Agreement (as defined in Section 1.1 below) between EMC (as defined in the Agreement) and Subcontractor

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,

More information

HIPAA/HITECH Compliance Using VMware vcloud Air

HIPAA/HITECH Compliance Using VMware vcloud Air Last Updated: September 23, 2014 White paper Introduction This paper is intended for security, privacy, and compliance officers whose organizations must comply with the Privacy and Security Rules of the

More information

Social Marketing & Liability

Social Marketing & Liability Social Marketing & Liability Fred E. Karlinsky, Esq. Co-Chair, Insurance Regulatory & Transactions Practice Shareholder, Greenberg Traurig Louisiana Insurers Conference Insurance Compliance Seminar August

More information

HIPAA COMPLIANCE AND DATA PROTECTION. sales@eaglenetworks.it +39 030 201.08.25 Page 1

HIPAA COMPLIANCE AND DATA PROTECTION. sales@eaglenetworks.it +39 030 201.08.25 Page 1 HIPAA COMPLIANCE AND DATA PROTECTION sales@eaglenetworks.it +39 030 201.08.25 Page 1 CONTENTS Introduction..... 3 The HIPAA Security Rule... 4 The HIPAA Omnibus Rule... 6 HIPAA Compliance and EagleHeaps

More information

Medical Privacy Version 2015.12.10 - Standard. Business Associate Agreement. 1. Definitions

Medical Privacy Version 2015.12.10 - Standard. Business Associate Agreement. 1. Definitions Medical Privacy Version 2015.12.10 - Standard Business Associate Agreement This Business Associate Agreement (the Agreement ) shall apply to the extent that the Lux Scientiae HIPAA Customer signee is a

More information

HIPAA Compliance (DSHS and HCA) Preamble: This section of the Contract is the Business Associate Agreement as

HIPAA Compliance (DSHS and HCA) Preamble: This section of the Contract is the Business Associate Agreement as HIPAA Compliance (DSHS and HCA) Preamble: This section of the Contract is the Business Associate Agreement as required by HIPAA. 1. Definitions. a. Business Associate, as used in this Contract, means the

More information

Shipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS

Shipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS Shipman & Goodwin LLP HIPAA Alert March 2009 STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS The economic stimulus package, officially named the American Recovery and Reinvestment Act of 2009

More information

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions

Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions Faster, Smarter, More Secure: IT Services Geared for the Health Care Industry A White Paper by CMIT Solutions Table of Contents Introduction... 3 1. Data Backup: The Most Critical Part of any IT Strategy...

More information

UNH Policy on Compliance with the Health Insurance Portability and Accountability Act (HIPAA)

UNH Policy on Compliance with the Health Insurance Portability and Accountability Act (HIPAA) UNH Policy on Compliance with the Health Insurance Portability and Accountability Act (HIPAA) 1 Preamble Approved August 5, 2014 1.1 The Health Insurance Portability and Accountability Act of 1996 (Public

More information

CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy

CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy Amended as of February 12, 2010 on the authority of the HIPAA Privacy Officer for Creative Solutions in Healthcare, Inc. TABLE OF CONTENTS ARTICLE

More information

Model Business Associate Agreement

Model Business Associate Agreement Model Business Associate Agreement Instructions: The Texas Health Services Authority (THSA) has developed a model BAA for use between providers (Covered Entities) and HIEs (Business Associates). The model

More information

CallRail Healthcare Marketing. HIPAA and HITECH Compliance for Covered Entities using Call Analytics Software

CallRail Healthcare Marketing. HIPAA and HITECH Compliance for Covered Entities using Call Analytics Software CallRail Healthcare Marketing HIPAA and HITECH Compliance for Covered Entities using Call Analytics Software Healthcare 2015 HIPAA and HITECH Compliance for Covered Entities using Call Analytics Software

More information

Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015

Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Katherine M. Layman Cozen O Connor 1900 Market Street Philadelphia, PA 19103 (215) 665-2746

More information

MaxMD 2200 Fletcher Ave. 5 th Floor Fort Lee, NJ (201) 963 0005 www.max.md www.mdemail.md support@max.md Page 1of 10

MaxMD 2200 Fletcher Ave. 5 th Floor Fort Lee, NJ (201) 963 0005 www.max.md www.mdemail.md support@max.md Page 1of 10 Business Associate Agreement This Business Associate Agreement (the Agreement ) shall apply to the extent that the MaxMD Customer signee is a Covered Entity or "HIPAA Business Associate," as defined below.

More information

HIPAA Compliance and the Protection of Patient Health Information

HIPAA Compliance and the Protection of Patient Health Information HIPAA Compliance and the Protection of Patient Health Information WHITE PAPER By Swift Systems Inc. April 2015 Swift Systems Inc. 7340 Executive Way, Ste M Frederick MD 21704 1 Contents HIPAA Compliance

More information

What Virginia s Free Clinics Need to Know About HIPAA and HITECH

What Virginia s Free Clinics Need to Know About HIPAA and HITECH What Virginia s Free Clinics Need to Know About HIPAA and HITECH This document is one in a series of tools and white papers produced by the Virginia Health Care Foundation to help Virginia s free clinics

More information

Case CATalyst is digital-signature ready! Introduction... 2. What are digital signatures?... 3

Case CATalyst is digital-signature ready! Introduction... 2. What are digital signatures?... 3 Case CATalyst is digital-signature ready! Help insure that your transcript is only seen by your intended recipient. Restrict what other people can do with your transcript. Keep your annual cost to as low

More information

Popular Industry Applications

Popular Industry Applications Popular Industry Transporter Besides being great for the home, Transporter is a perfect solution for business. Private cloud storage is critical for a variety of businesses and industries, in particular

More information

CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING

CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING CCBE response regarding the European Commission Public Consultation on Cloud Computing The Council of Bars and Law

More information

HIPAA Business Associate Addendum

HIPAA Business Associate Addendum HIPAA Business Associate Addendum THIS HIPAA BUSINESS ASSOCIATE ADDENDUM (this Addendum ) is by and between ( Covered Entity ) and TALKSOFT CORPORATION ( Business Associate ) (hereinafter, Covered Entity

More information

ETHICS for Lawyers and Law Firms Using Cloud Technology

ETHICS for Lawyers and Law Firms Using Cloud Technology ETHICS for Lawyers and Law Firms Using Cloud Technology Donna Kirk Seyle ~ Legal Tech Advisor: Law Practice Strategy 108 MONTESANO ST SANTA CRUZ, CA 95062 (831) 332-2243 Donna Seyle is an attorney, author,

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (this Agreement ) is made effective as of the day of 2014 (the Effective Date ), by and between Sarasota County Public Hospital District,

More information

HIPAA COMPLIANCE AND

HIPAA COMPLIANCE AND INTRONIS CLOUD BACKUP & RECOVERY HIPAA COMPLIANCE AND DATA PROTECTION CONTENTS Introduction 3 The HIPAA Security Rule 4 The HIPAA Omnibus Rule 6 HIPAA Compliance and Intronis Cloud Backup and Recovery

More information

Neither You Nor Your Business Associates Can Afford to be Lax About Complying with HIPAA Requirements

Neither You Nor Your Business Associates Can Afford to be Lax About Complying with HIPAA Requirements Neither You Nor Your Business Associates Can Afford to be Lax About Complying with HIPAA Requirements Sara Kashing, JD, Staff Attorney July/August 2012 The Therapist If you are considered a Covered Entity

More information

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) Table of Contents Introduction... 1 1. Administrative Safeguards...

More information

Kaiser Permanente Affiliate Link Provider Web Site Application

Kaiser Permanente Affiliate Link Provider Web Site Application Kaiser Foundation Health Plan of Colorado Kaiser Permanente Affiliate Link Provider Web Site Application FOR PROVIDERS CONTRACTED WITH KAISER IN THE COLORADO REGION ONLY Page 1 of 7 Kaiser Permanente Affiliate

More information

ADDENDUM 5 - BUSINESS ASSOCIATE AGREEMENT

ADDENDUM 5 - BUSINESS ASSOCIATE AGREEMENT ADDENDUM 5 - BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the BAA ) is effective as of (the Effective Date ) and is entered into by and between, with an address of (the Covered Entity

More information

OCRA Spring Convention ~ 2014 Phyllis Craver Lykken, RPR, CLR, CCR 2463. Court Reporters and HIPAA

OCRA Spring Convention ~ 2014 Phyllis Craver Lykken, RPR, CLR, CCR 2463. Court Reporters and HIPAA Court Reporters and HIPAA OCRA Spring Convention ~ 2014 Phyllis Craver Lykken, RPR, CLR, CCR 2463 1 What Exactly is HIPAA? HIPAA is an acronym for the Health Insurance Portability and Accountability Act

More information

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery WHITE PAPER HIPAA-Compliant Data Backup and Disaster Recovery DOCUMENT INFORMATION HIPAA-Compliant Data Backup and Disaster Recovery PRINTED March 2011 COPYRIGHT Copyright 2011 VaultLogix, LLC. All Rights

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BAA ) is effective ( Effective Date ) by and between ( Covered Entity ) and Egnyte, Inc. ( Egnyte or Business Associate ). RECITALS

More information

Sierra College ADMINISTRATIVE PROCEDURE No. AP 3721

Sierra College ADMINISTRATIVE PROCEDURE No. AP 3721 Sierra College ADMINISTRATIVE PROCEDURE No. AP 3721 Electronic Information Security and Data Backup Procedures Date Adopted: 4/13/2012 Date Revised: Date Reviewed: References: Health Insurance Portability

More information

DRAFT Standard Statement Encryption

DRAFT Standard Statement Encryption DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (the AGREEMENT ) is entered into this (the "Effective Date"), between Delta Dental of Tennessee ( Covered Entity ) and ( Business Associate

More information

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec.

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec. The OCR Auditors are coming - Are you next? What to Expect and How to Prepare On June 10, 2011, the U.S. Department of Health and Human Services Office for Civil Rights ( OCR ) awarded KPMG a $9.2 million

More information

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT This BUSINESS ASSOCIATE AGREEMENT ( Agreement ) dated as of the signature below, (the Effective Date ), is entered into by and between the signing organization

More information

CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS. Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE. October 2, 2013

CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS. Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE. October 2, 2013 CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE October 2, 2013 By: Diane M. Gorrow Soule, Leslie, Kidder, Sayward & Loughman, P.L.L.C. 220 Main Street

More information

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA PRIVACY AND SECURITY AWARENESS HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect

More information

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 Adopting Multnomah County HIPAA Security Policies and Directing the Appointment of Information System Security

More information

( and how to fix them )

( and how to fix them ) THE 5 BIGGEST MISTAKES LAWYERS MAKE WHEN CHOOSING A CLOUD SERVICE PROVIDER ( and how to fix them ) In recent years, an increasingly large number of law firms have moved their software and data to the cloud.

More information

HIPAA Privacy & Security White Paper

HIPAA Privacy & Security White Paper HIPAA Privacy & Security White Paper Sabrina Patel, JD +1.718.683.6577 sabrina@captureproof.com Compliance TABLE OF CONTENTS Overview 2 Security Frameworks & Standards 3 Key Security & Privacy Elements

More information

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("BA AGREEMENT") supplements and is made a part of any and all agreements entered into by and between The Regents of the University

More information

Tools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits

Tools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits Tools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits Presented by: Don Waechter, Managing Partner Health Compliance Partners Ann Breitinger, Attorney Blalock Walters Legal Disclaimer

More information

This form may not be modified without prior approval from the Department of Justice.

This form may not be modified without prior approval from the Department of Justice. This form may not be modified without prior approval from the Department of Justice. Delete this header in execution (signature) version of agreement. HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate

More information

Highlights of PHI/PI Security Requirements

Highlights of PHI/PI Security Requirements ACBHCS Quality Assurance Office August 2014 Highlights of PHI/PI Security Requirements These guidelines are excerpts from ACBHCS s contract with the CA DHCS and applies to all ACBHCS contract providers

More information

PROFESSIONAL COUNSELSM

PROFESSIONAL COUNSELSM PROFESSIONAL COUNSELSM ADVICE AND INSIGHT INTO THE PRACTICE OF LAW Lawyers Toolkit 3.0: A Guide to Managing the Attorney-Client Relationship A CNA PROFESSIONAL COUNSEL GUIDE FOR LAWYERS AND LAW FIRMS The

More information

Stenographic Court Reporter Certification, Education and Contests in the United States

Stenographic Court Reporter Certification, Education and Contests in the United States MARK J. GOLDEN, CAE Executive Director & Chief Executive Officer Stenographic Court Reporter Certification, Education and Contests in the United States The National Court Reporters Association (NCRA) was

More information

What s New with HIPAA? Policy and Enforcement Update

What s New with HIPAA? Policy and Enforcement Update What s New with HIPAA? Policy and Enforcement Update HHS Office for Civil Rights New Initiatives Precision Medicine Initiative (PMI), including Access Guidance Cybersecurity Developer portal NICS Final

More information

HIPAA Breach Notification Interim Final Rule

HIPAA Breach Notification Interim Final Rule HIPAA Breach Notification Interim Final Rule The American Recovery and Reinvestment Act of 2009 ( the Act ) made several changes to the HIPAA privacy rules including adding a requirement for notice to

More information

Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns

Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns by Sharon D. Nelson, Esq. and John W. Simek 2013 Sensei Enterprises, Inc. It seems like everybody is talking about the

More information

NINTH JUDICIAL CIRCUIT, IN AND FOR ORANGE COUNTY, FLORIDA. AMENDED ADMINISTRATIVE ORDER GOVERNING COURT REPORTING-ORANGE COUNTY ONLY

NINTH JUDICIAL CIRCUIT, IN AND FOR ORANGE COUNTY, FLORIDA. AMENDED ADMINISTRATIVE ORDER GOVERNING COURT REPORTING-ORANGE COUNTY ONLY ADMINISTRATIVE ORDER NO. 07-98-43 IN THE CIRCUIT COURT OF THE NINTH JUDICIAL CIRCUIT, IN AND FOR ORANGE COUNTY, FLORIDA. AMENDED ADMINISTRATIVE ORDER GOVERNING COURT REPORTING-ORANGE COUNTY ONLY WHEREAS,

More information

M E M O R A N D U M. Definitions

M E M O R A N D U M. Definitions M E M O R A N D U M DATE: November 10, 2011 TO: FROM: RE: Krevolin & Horst, LLC HIPAA Obligations of Business Associates In connection with the launch of your hosted application service focused on practice

More information

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually

More information

Appendix 4-2: Sample HIPAA Security Risk Assessment For a Small Physician Practice

Appendix 4-2: Sample HIPAA Security Risk Assessment For a Small Physician Practice Appendix 4-2: Administrative, Physical, and Technical Safeguards Breach Notification Rule How Use this Assessment The following sample risk assessment provides you with a series of sample questions help

More information

Is Cloud Computing Inevitable for Lawyers?

Is Cloud Computing Inevitable for Lawyers? Is Cloud Computing Inevitable for Lawyers? by Sharon D. Nelson and John W. Simek 2015 Sensei Enterprises, Inc. Not a single day goes by when you don t hear something about cloud computing. It could be

More information

HIPAA ephi Security Guidance for Researchers

HIPAA ephi Security Guidance for Researchers What is ephi? ephi stands for Electronic Protected Health Information (PHI). It is any PHI that is stored, accessed, transmitted or received electronically. 1 PHI under HIPAA means any information that

More information

Security Is Everyone s Concern:

Security Is Everyone s Concern: Security Is Everyone s Concern: What a Practice Needs to Know About ephi Security Mert Gambito Hawaii HIE Compliance and Privacy Officer July 26, 2014 E Komo Mai! This session s presenter is Mert Gambito

More information

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected

More information

Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308)

Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308) HIPAA Business Associate Agreement Sample Notice Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308) The information provided in this document does not constitute, and is no substitute

More information

IN THE SUPERIOR COURT OF THE STATE OF ARIZONA IN AND FOR THE COUNTY OF PIMA

IN THE SUPERIOR COURT OF THE STATE OF ARIZONA IN AND FOR THE COUNTY OF PIMA IN THE SUPERIOR COURT OF THE STATE OF ARIZONA IN AND FOR THE COUNTY OF PIMA IN RE THE MATTER OF ELECTRONIC ) FILING AND SERVICE OF PLEADINGS ) ADMINISTRATIVE IN PROBATE CASES ) ORDER NO. 2004-09 ) 1. Authorization

More information

LCD SOLUTIONS and CLICKTATE.COM BUSINESS ASSOCIATE AGREEMENT and DISCLOSURE of RIGHTS to COVERED ENTITIES

LCD SOLUTIONS and CLICKTATE.COM BUSINESS ASSOCIATE AGREEMENT and DISCLOSURE of RIGHTS to COVERED ENTITIES LCD SOLUTIONS and CLICKTATE.COM BUSINESS ASSOCIATE AGREEMENT and DISCLOSURE of RIGHTS to COVERED ENTITIES This agreement ("Agreement") is effective upon its execution and delivery to LCD SOLUTIONS, INC.

More information

Going Paperless. An approach for Housing Authorities

Going Paperless. An approach for Housing Authorities Going Paperless An approach for Housing Authorities Going Paperless Scott Gleason, President Management Computer Service, Inc. Going Paperless An approach for Housing Authorities Going Paperless Why Go

More information

EDI REGISTRATION FORM Blue Cross of Idaho 3000 E Pine Ave Meridian, Id 83642 Fax 208-331-7203

EDI REGISTRATION FORM Blue Cross of Idaho 3000 E Pine Ave Meridian, Id 83642 Fax 208-331-7203 DATE: EDI REGISTRATION FORM Blue Cross of Idaho 3000 E Pine Ave Meridian, Id 83642 Fax 208-331-7203 Enrollments will be completed with 5-7 Business Days from Date Received Business Name: Provider Information:

More information

HIPAA 101. March 18, 2015 Webinar

HIPAA 101. March 18, 2015 Webinar HIPAA 101 March 18, 2015 Webinar Agenda Acronyms to Know HIPAA Basics What is HIPAA and to whom does it apply? What is protected by HIPAA? Privacy Rule Security Rule HITECH Basics Breaches and Responses

More information

HIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions

HIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions HIPAA BUSINESS ASSOCIATE ADDENDUM (Privacy & Security) I. Definitions A. Business Associate. Business Associate shall have the meaning given to such term under the Privacy and Security Rules, including,

More information

Pros 4 Technology Online Backup Features

Pros 4 Technology Online Backup Features Pros 4 Technology Online Backup Features Introduction Computers are the default storage medium for most businesses and virtually all home users. Because portable media is quickly becoming an outdated and

More information

Guidance Specifying Technologies and Methodologies DEPARTMENT OF HEALTH AND HUMAN SERVICES

Guidance Specifying Technologies and Methodologies DEPARTMENT OF HEALTH AND HUMAN SERVICES DEPARTMENT OF HEALTH AND HUMAN SERVICES 45 CFR PARTS 160 and 164 Guidance Specifying the Technologies and Methodologies That Render Protected Health Information Unusable, Unreadable, or Indecipherable

More information

Participation Agreement Medicaid Provider Program

Participation Agreement Medicaid Provider Program Participation Agreement Medicaid Provider Program PLEASE FAX THE FOLLOWING PAGES #4, #7, #8, #14, #15 211 Warren Street Newark, NJ 07103 PHONE: 973-642-4777 FAX: 973-645-0457 E-mail: info@njhitec.org www.njhitec.org

More information

BREVIUM HIPAA BUSINESS ASSOCIATE TERMS AND CONDITIONS

BREVIUM HIPAA BUSINESS ASSOCIATE TERMS AND CONDITIONS BREVIUM HIPAA BUSINESS ASSOCIATE TERMS AND CONDITIONS The following HIPAA Business Associate Terms and Conditions (referred to hereafter as the HIPAA Agreement ) are part of the Brevium Software License

More information

Backup Strategies for Small Business

Backup Strategies for Small Business Backup Strategies for Small Business StarTech Group, Inc. Jim Scalise 11.15.2014 1 StarTech Group, Inc. 2771-29 Monument Rd. PMB 232 Jacksonville, FL 32225 CONTENTS BACKUP STRATEGIES.. 1 CLOUD BACKUP 2

More information

B. Preservation is not limited to simply avoiding affirmative acts of destruction because day-to-day operations routinely alter or destroy evidence.

B. Preservation is not limited to simply avoiding affirmative acts of destruction because day-to-day operations routinely alter or destroy evidence. This is a sample approach to developing a sound document collection process, referenced at Section II(7)(vi) of the Guidelines on Best Practices for Litigating Cases Before the Court of Chancery. It should

More information

Business Associate Agreement Washtenaw Community Health Organization Effective Date: insert date

Business Associate Agreement Washtenaw Community Health Organization Effective Date: insert date Level 2 & 3: Product 1/2 Business Associates Agreement Business Associate Agreement Washtenaw Community Health Organization Effective Date: insert date This Business Associate Agreement is made as of the

More information

TACKLING THE ENCRYPTION CONUNDRUM

TACKLING THE ENCRYPTION CONUNDRUM TACKLING THE ENCRYPTION CONUNDRUM Feisal Nanji DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy or position of

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT is made and entered into as of the day of, 2013 ( Effective Date ), by and between [Physician Practice] on behalf of itself and each of its

More information

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services Introduction Patient privacy continues to be a chief topic of concern as technology continues to evolve. Now that the majority

More information

HIPAA Omnibus Rule Overview. Presented by: Crystal Stanton MicroMD Marketing Communication Specialist

HIPAA Omnibus Rule Overview. Presented by: Crystal Stanton MicroMD Marketing Communication Specialist HIPAA Omnibus Rule Overview Presented by: Crystal Stanton MicroMD Marketing Communication Specialist 1 HIPAA Omnibus Rule - Agenda History of the Omnibus Rule What is the HIPAA Omnibus Rule and its various

More information

BREACH NOTIFICATION POLICY

BREACH NOTIFICATION POLICY PRIVACY 2.0 BREACH NOTIFICATION POLICY Scope: All subsidiaries of Universal Health Services, Inc., including facilities and UHS of Delaware Inc. (collectively, UHS ), including UHS covered entities ( Facilities

More information

Court Reporting/Captioning/CART Certificate Program Correspondence Program - Includes lifetime support

Court Reporting/Captioning/CART Certificate Program Correspondence Program - Includes lifetime support Office of Professional & Continuing Education 301 OD Smith Hall Auburn, AL 36849 http://www.auburn.edu/mycaa Contact: Shavon Williams 334-844-5100 Last revised December 19, 2013 Auburn University is an

More information

BUSINESS ASSOCIATE AGREEMENT HIPAA Protected Health Information

BUSINESS ASSOCIATE AGREEMENT HIPAA Protected Health Information BUSINESS ASSOCIATE AGREEMENT HIPAA Protected Health Information I. PREAMBLE ( Covered Entity ) and ( Business Associate ) (jointly the Parties ) wish to enter into an Agreement to comply with the requirements

More information

Digital Security. Dr. Gavin W. Manes, Chief Executive Officer

Digital Security. Dr. Gavin W. Manes, Chief Executive Officer Dr. Gavin W. Manes, Chief Executive Officer About Us Avansic E-discovery and digital forensics company founded in 2004 by Dr. Gavin W. Manes, former Computer Science professor Scientific approach to ESI

More information

HIPAA Security Training Manual

HIPAA Security Training Manual HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,

More information

Information for Agents and Brokers Regarding the HIPAA Business Associate Agreement

Information for Agents and Brokers Regarding the HIPAA Business Associate Agreement Information for Agents and Brokers Regarding the HIPAA Business Associate Agreement You may be aware that the Health Insurance Portability and Accountability Act of 1996 ( HIPAA ) requires health plans

More information

My Docs Online HIPAA Compliance

My Docs Online HIPAA Compliance My Docs Online HIPAA Compliance Updated 10/02/2013 Using My Docs Online in a HIPAA compliant fashion depends on following proper usage guidelines, which can vary based on a particular use, but have several

More information

Ready for an OCR Audit? Will you pass or fail an OCR security audit? Tom Walsh, CISSP

Ready for an OCR Audit? Will you pass or fail an OCR security audit? Tom Walsh, CISSP Ready for an OCR Audit? Will you pass or fail an OCR security audit? Tom Walsh, CISSP Tom Walsh Consulting, LLC Overland Park, KS What would you do? You receive a phone call from your CEO. They just received

More information

Business Associate Agreement Involving the Access to Protected Health Information

Business Associate Agreement Involving the Access to Protected Health Information School/Unit: Rowan University School of Osteopathic Medicine Vendor: Business Associate Agreement Involving the Access to Protected Health Information This Business Associate Agreement ( BAA ) is entered

More information

This presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in

This presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in This presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in the HIPAA Omnibus Rule of 2013. As part of the American

More information

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101 Virginia Government Finance Officers Association Spring Conference May 28, 2014 Cloud Security 101 Presenters: John Montoro, RealTime Accounting Solutions Ted Brown, Network Alliance Presenters John Montoro

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is entered into as of the day of, 2013 by and between RUTGERS UNIVERSITY, a Hybrid Entity, on behalf and for the

More information

HIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN. Stewart C. Miller & Co., Inc. (Business Associate) AND

HIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN. Stewart C. Miller & Co., Inc. (Business Associate) AND HIPAA PRIVACY AND SECURITY RULES BUSINESS ASSOCIATE AGREEMENT BETWEEN Stewart C. Miller & Co., Inc. (Business Associate) AND City of West Lafayette Flexible Spending Plan (Covered Entity) TABLE OF CONTENTS

More information

Maintaining Electronic Client Records

Maintaining Electronic Client Records ACCD Best Practices Committee Maintaining Electronic Client Records March 7, 2012 The American Council of Chief Defenders is a national community of public defense leaders dedicated to securing a fair

More information

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS HSHS BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement, ( Agreement ) is entered into on the date(s) set forth below by and between Hospital Sisters Health System on its own behalf and

More information

HIPAA Omnibus Compliance How A Data Loss Prevention Solution Can Help

HIPAA Omnibus Compliance How A Data Loss Prevention Solution Can Help HIPAA Omnibus Compliance How A Data Loss Prevention Solution Can Help The Health Information Portability and Accountability Act (HIPAA) Omnibus Rule which will begin to be enforced September 23, 2013,

More information

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services

Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services Introduction Patient privacy has become a major topic of concern over the past several years. With the majority of

More information