Anonymizing Unstructured Data to Enable Healthcare Analytics Chris Wright, Vice President Marketing, Privacy Analytics
|
|
- Darrell Moore
- 8 years ago
- Views:
Transcription
1 Anonymizing Unstructured Data to Enable Healthcare Analytics Chris Wright, Vice President Marketing, Privacy Analytics
2 Privacy Analytics - Overview For organizations that want to safeguard and enable their personal information for secondary use Purpose-built software that automates the deidentification and masking of data using a risk-based approach to anonymize personal information in compliance with HIPAA requirements Integrated capabilities to anonymize structured and unstructured data from multiple sources Peer-reviewed methodologies and value-added services that certify data for secondary use 2
3 Secondary Use for Healthcare Data Definition Secondary use of health data applies personal health information (PHI) for uses outside of direct health care delivery. It includes such activities as analysis, research, quality and safety measurement, public health, payment, provider certification or accreditation, marketing, and other business applications, including strictly commercial 1 activities. 1. Definition sourced from white paper, Toward a National Framework for the Secondary Use of Health Data: An American Medical Informatics Association White Paper, J Am Med Inform Assoc 2007;14:1-9 doi: /jamia.m2273 3
4 The Proliferation of Unstructured Data According to IBM, Ovum and other researchers, percent of all medical data today is unstructured... and that volume is doubling 1 every five years. Electronic health records where personal information resides in XML as free form text and needs to be anonomyized for analysis Medical devices where unstructured data or free form text from machine dumps (i.e. x-ray machines or CAT scans) is sent to a database(s) for analysis Online Forums where patients or providers discuss their conditions or cases, requiring anonymization to facilitate sentiment analysis and other forms of information analysis
5 PARAT Software Providing organizations with a scalable set of capabilities to automate the anonymization of structured and unstructured data Automate masking, de-identification and risk of reidentification Configure anonymization depending on the sensitivity of the data Maintain data consistency by matching structured values to corresponding unstructured data Measure the overall quality of anonymized data to ensure that the re-identification risk is very small and its analytic value is high Stronger Safeguards. Richer Analysis. Integrated Solution. 5
6 How We Anonymize Unstructured Data? 6
7 PARAT: Before De-identification 7
8 PARAT: Discovery and Annotate 8
9 PARAT: Discovery and Annotate 9
10 PARAT: After De-identification 10
11 SIDE-BY-SIDE COMPARISON: Data Utility Achieved 11
12 Balancing Privacy and Utility for Secondary Use 1 Data Quality 2 Analytic Granularity 3 Depth of Insight Ensuring de-identified data has analytic usefulness by determining its relative risk associated with its disclosure, sharing and re-sale Allowing users to configure de-identification for patient level data without compromising privacy and costly breaches Enabling analysis of the total patient health experience, to compile a complete picture of this experience from multiple data sources and types 12
13 PARAT: National Institutes of Health Challenge Wants to anonymize unstructured text data from more than 400,000 patients Seeks to augment currently available data in deidentified format Solution PARAT Text PARAT Text is a standalone module for PARAT Why Privacy Analytics De-identified unstructured data would allow researchers to: 1. Test hypotheses for new research 2. Confirm potential sample sizes for proposed research 3. Find collaborators for cross-disciplinary research studies. Customer Profile The National Institutes of Health (NIH), a part of the U.S. Department of Health and Human Services, is the nation s medical research agency making important discoveries that improve health and save lives. 13
14 Learn More Drop on by Booth 13 14
Degrees of De-identification of Clinical Research Data
Vol. 7, No. 11, November 2011 Can You Handle the Truth? Degrees of De-identification of Clinical Research Data By Jeanne M. Mattern Two sets of U.S. government regulations govern the protection of personal
More informationTHE STATE OF DATA SHARING FOR HEALTHCARE ANALYTICS 2015-2016: CHANGE, CHALLENGES AND CHOICE
THE STATE OF DATA SHARING FOR HEALTHCARE ANALYTICS 2015-2016: CHANGE, CHALLENGES AND CHOICE As demand for data sharing grows, healthcare organizations must move beyond data agreements and masking to achieve
More informationDe-identification, defined and explained. Dan Stocker, MBA, MS, QSA Professional Services, Coalfire
De-identification, defined and explained Dan Stocker, MBA, MS, QSA Professional Services, Coalfire Introduction This perspective paper helps organizations understand why de-identification of protected
More informationHIPAA Training 2010. For Research Investigators and Study Staff
HIPAA Training 2010 For Research Investigators and Study Staff HIPAA IS... THE HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 Portability Created to ensure access to health coverage Allows for
More informationWelcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information
Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information about HIPAA, the HITECH-HIPAA Omnibus Privacy Act, how
More informationA Commercial Approach to De-Identification Dan Wasserstrom, Founder and Chairman De-ID Data Corp, LLC
A Commercial Approach to De-Identification Dan Wasserstrom, Founder and Chairman De-ID Data Corp, LLC De-ID Data Corp, LLC Founded to: ENHANCE DATA ACCESS WHILE PROTECTING PATIENT PRIVACY Founders Problem
More informationWhite Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES
White Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES CONTENTS Introduction 3 Brief Overview of HIPPA Final Omnibus Rule 3 Changes to the Definition of Business Associate
More informationWhy Add Data Masking to Your IBM DB2 Application Environment
Why Add Data Masking to Your IBM DB2 Application Environment dataguise inc. 2010. All rights reserved. Dataguise, Inc. 2201 Walnut Ave., #260 Fremont, CA 94538 (510) 824-1036 www.dataguise.com dataguise
More informationThe Use of Patient Records (EHR) for Research
The Use of Patient Records (EHR) for Research Mary Devereaux, Ph.D. Director, Biomedical Ethics Seminars Assistant Director, Research Ethics Program & San Diego Research Ethics Consortium Abstract The
More informationBUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION
BUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION This Agreement governs the provision of Protected Health Information ("PHI") (as defined in 45 C.F.R.
More informationThe De-identification Maturity Model Authors: Khaled El Emam, PhD Waël Hassan, PhD
A PRIVACY ANALYTICS WHITEPAPER The De-identification Maturity Model Authors: Khaled El Emam, PhD Waël Hassan, PhD De-identification Maturity Assessment Privacy Analytics has developed the De-identification
More informationRoadmap. What is Big Data? Big Data for Educational Institutions 5/30/2014. A Framework for Addressing Privacy Compliance and Legal Considerations
Big Data for Educational Institutions A Framework for Addressing Privacy Compliance and Legal Considerations Roadmap Introduction What is Big Data? How are educational institutions using Big Data? What
More informationDe-identification Koans. ICTR Data Managers Darren Lacey January 15, 2013
De-identification Koans ICTR Data Managers Darren Lacey January 15, 2013 Disclaimer There are several efforts addressing this issue in whole or part Over the next year or so, I believe that the conversation
More information1.2: DATA SHARING POLICY. PART OF THE OBI GOVERNANCE POLICY Available at: http://www.braininstitute.ca/brain-code-governance. 1.2.
1.2: DATA SHARING POLICY PART OF THE OBI GOVERNANCE POLICY Available at: http://www.braininstitute.ca/brain-code-governance 1.2.1 Introduction Consistent with its international counterparts, OBI recognizes
More informationA Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No!
A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No! Ann Cavoukian, Ph.D. Information and Privacy Commissioner Ontario, Canada THE AGE OF
More informationBUSINESS ASSOCIATE AGREEMENT. Recitals
BUSINESS ASSOCIATE AGREEMENT This Agreement is executed this 8 th day of February, 2013, by BETA Healthcare Group. Recitals BETA Healthcare Group consists of BETA Risk Management Authority (BETARMA) and
More informationTestimony. before the. National Committee on Vital and Health Statistics Ad Hoc Workgroup for Secondary Uses of Health Data
Testimony before the National Committee on Vital and Health Statistics Ad Hoc Workgroup for Secondary Uses of Health Data Presented by: Shirley S. Lady Vice President, BHI Blue Cross and Blue Shield Association
More informationSecurityMetrics Business Associate HIPAA compliance program
SecurityMetrics Business Associate HIPAA compliance program IS YOUR PHI SAFE? Business associates help your business succeed, but are they a liability? When your BAs are not HIPAA compliant, your business
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is by and between ( Covered Entity )and CONEX Med Pro Systems ( Business Associate ). This Agreement has been attached to,
More informationHow To Protect Your Health Information Under Hiopaa
Towards Unified Data Security Requirements for Human Research Susan Bouregy, Ph.D., CIP Chief HIPAA Privacy Officer Vice Chair, Human Subjects Committee Yale University susan.bouregy@yale.edu March 21,
More informationHIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS
HIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS SCOPE OF POLICY: What Units Are Covered by this Policy?: This policy applies to the following units
More informationLi Xiong, Emory University
Healthcare Industry Skills Innovation Award Proposal Hippocratic Database Technology Li Xiong, Emory University I propose to design and develop a course focused on the values and principles of the Hippocratic
More informationHIPAA and Big Data Twenty Third National HIPAA Summit. March 17, 2015 Mitchell W. Granberg, Optum Chief Privacy Officer
HIPAA and Big Data Twenty Third National HIPAA Summit March 17, 2015 Mitchell W. Granberg, Optum Chief Privacy Officer Overview HIPAA and Big Data Big Data Definitions Big Data and Health Care Benefits
More informationAbstract. It s peace of mind knowing that we ve done everything that is possible to meet industry standards for de-identification. Dr.
Abstract In this presentation I will discuss the adoption of the Privacy Analytics Risk Assessment Tool (PARAT) by the Institute for Clinical Evaluative Sciences (ICES), for the Ontario Cancer Data Linkage
More informationA Privacy Officer s Guide to Providing Enterprise De-Identification Services. Phase I
IT Management Advisory A Privacy Officer s Guide to Providing Enterprise De-Identification Services Ki Consulting has helped several large healthcare organizations to establish de-identification services
More informationHIPAA Update Focus on Breach Prevention
HIPAA Update Focus on Breach Prevention Objectives By the end of this program, participants should be able to: Identify top reasons why breaches occur Review the breach definition and notification process
More informationHealth & Life sciences breach security program. David Houlding MSc CISSP CIPP Healthcare Privacy & Security Lead Intel Health and Life Sciences
Health & Life sciences breach security program David Houlding MSc CISSP CIPP Healthcare Privacy & Security Lead Intel Health and Life Sciences Overview 1. Healthcare Security Research / Directions 2. Healthcare
More informationValue of. Clinical and Business Data Analytics for. Healthcare Payers NOUS INFOSYSTEMS LEVERAGING INTELLECT
Value of Clinical and Business Data Analytics for Healthcare Payers NOUS INFOSYSTEMS LEVERAGING INTELLECT Abstract As there is a growing need for analysis, be it for meeting complex of regulatory requirements,
More informationThe De-identification of Personally Identifiable Information
The De-identification of Personally Identifiable Information Khaled El Emam (PhD) www.privacyanalytics.ca 855.686.4781 info@privacyanalytics.ca 251 Laurier Avenue W, Suite 200 Ottawa, ON Canada K1P 5J6
More informationArizona State University. HIPAA Compliance. Audit Report Number 15-08. May 7, 2015
This page left blank intentionally. Summary The Health Insurance Portability and Accountability Act of 1996 (HIPAA) audit was included on the Arizona State University (ASU) FY 2015 annual audit plan approved
More informationHIPAA and Patient Safety: Why It Matters April 24, 2015 (GEN-AO1)
2015 User Conference HIPAA and Patient Safety: Why It Matters April 24, 2015 (GEN-AO1) Presented by: Susan J. Kressly, MD, FAAP Medical Director, Office Practicum General Session Learning Objectives Understand
More informationIBM Internet Security Systems October 2007. FISMA Compliance A Holistic Approach to FISMA and Information Security
IBM Internet Security Systems October 2007 FISMA Compliance A Holistic Approach to FISMA and Information Security Page 1 Contents 1 Executive Summary 1 FISMA Overview 3 Agency Challenges 4 The IBM ISS
More informationBUSINESS ASSOCIATE AGREEMENT
THIS IS A TEMPLATE ONLY. CERTAIN STATES MAY NOT PERMIT THE TYPES OF ACTIVITIES ALLOWED HEREUNDER RELATING TO PROTECTED HEALTH INFORMATION. THUS THIS AGREEMENT MAY NEED TO BE MODIFIED IN ORDER TO COMPLY
More informationBUSINESS ASSOCIATE ADDENDUM
BUSINESS ASSOCIATE ADDENDUM This Business Associate Addendum ( Addendum ) adds to and is made a part of the Q- global Subscription and License Agreement by and between NCS Pearson, Inc. ( Business Associate
More informationImplementing Honest Broker System(s) in Academic Medical Centers: The Pittsburgh Experience
Implementing Honest Broker System(s) in Academic Medical Centers: The Pittsburgh Experience Christopher Ryan, Ph.D., CIP IRB Director Professor of Psychiatry University of Pittsburgh ryancm@upmc.edu The
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT 1. DEFINITIONS: 1.1 Undefined Terms: Terms used, but not otherwise defined, in this Agreement shall have the same meaning as those terms defined by the Health Insurance Portability
More informationCirius Whitepaper for Medical Practices
Cirius Whitepaper for Medical Practices Reputation management, increased efficiency and cost savings: How secure messaging is enabling far more than regulatory compliance for medical practices. Summary
More informationSOP Number: OCR-HIP-001 Effective Date: August 2013 Page 1 of 5
Title: HIPAA Research Policy: General Nova Southeastern University Standard Operating Procedure for GCP Version # 1 SOP Number: OCR-HIP-001 Effective Date: August 2013 Page 1 of 5 PURPOSE: Federal privacy
More informationInfoGard Healthcare Services. 2015 InfoGard Laboratories Inc.
InfoGard Healthcare Services 10 Steps To Protect My Covered Entity From Breach Your Presenters Alan Martin Account Manger Marvin Byrd Security Engineer Test and Certification Laboratory Healthcare Payment
More informationUMDNJ Information Security Plan 2007
UMDNJ Information Security Plan 2007 W. Thompson Page 1 6/4/2007 Table of Contents Table of Contents... 2 Introduction... 3 Contact... 4 Risk Assessment... 5 Plan Components... 6 Awareness... 7 Policy
More informationDe-Identification 101
De-Identification 101 We live in a world today where our personal information is continuously being captured in a multitude of electronic databases. Details about our health, financial status and buying
More informationBig Data, Big Risk, Big Rewards. Hussein Syed
Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data
More informationWhat is Covered under the Privacy Rule? Protected Health Information (PHI)
HIPAA & RESEARCH What is Covered under the Privacy Rule? Protected Health Information (PHI) Health information + Identifier = PHI Transmitted or maintained in any form (paper, electronic, forms, web-based,
More informationPractices to Research Data in Light of HIPAA and ANPRM
Incorporating Security Practices to Research Data in Light of HIPAA and ANPRM October 10, 2012 Research Administrators Forum Ajay R. Vyas, Esq. Office of Compliance Today s Discussion Review of HIPAA/HITECH
More informationSomansa Data Security and Regulatory Compliance for Healthcare
Somansa White Paper Somansa Data Security and Regulatory Compliance for Healthcare How Somansa can protect ephi- electronic patient health information and meet the requirements for healthcare compliances,
More informationA Pragmatic Guide to Big Data & Meaningful Privacy. kpmg.be
A Pragmatic Guide to Big Data & Meaningful Privacy kpmg.be From predicting criminal behavior to medical breakthroughs, from location-based restaurant recommendations to customer churn predictions, the
More informationData Privacy and Biomedicine Syllabus - Page 1 of 6
Data Privacy and Biomedicine Syllabus - Page 1 of 6 Course: Data Privacy in Biomedicine (BMIF-380 / CS-396) Instructor: Bradley Malin, Ph.D. (b.malin@vanderbilt.edu) Semester: Spring 2015 Time: Mondays
More informationBUSINESS ASSOCIATE AGREEMENT TERMS
BUSINESS ASSOCIATE AGREEMENT TERMS This Addendum ( Addendum ) is incorporated into and made part of the Agreement between SIGNATURE HEALTHCARE CORPORATION ("Covered Entity ) and ( Business Associate"),
More informationNEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015
NEXPOSE ENTERPRISE METASPLOIT PRO Effective Vulnerability Management and validation March 2015 KEY SECURITY CHALLENGES Common Challenges Organizations Experience Key Security Challenges Visibility gaps
More informationHIPAA BUSINESS ASSOCIATE SUBCONTRACTOR AGREEMENT
This HIPAA Sub Business Associate Agreement ("Sub Agreement") is entered into by and between HR Simplified, Inc. ( Business Associate ) and [Vendor Name] on behalf of itself and its Affiliates ( Subcontractor
More informationSecondary Use of Healthcare Data for Public Health. Leslie Lenert, MD, MS FACMI Director, National Center for Public Health Informatics
Secondary Use of Healthcare Data for Public Health Leslie Lenert, MD, MS FACMI Director, National Center for Public Health Informatics NCPHI Overview Agenda Three disparate secondary uses of clinical data
More informationHIPAA-Compliant Research Access to PHI
HIPAA-Compliant Research Access to PHI HIPAA permits the access, disclosure and use of PHI from a HIPAA Covered Entity s or HIPAA Covered Unit s treatment, payment or health care operations records for
More informationTulane University. Tulane University Business Associates Agreement SCOPE OF POLICY STATEMENT OF POLICY IMPLEMENTATION OF POLICY
Tulane University DEPARTMENT: General Counsel s POLICY DESCRIPTION: Business Associates Office -- HIPAA Agreement PAGE: 1 of 1 APPROVED: April 1, 2003 REVISED: November 29, 2004, December 1, 2008, October
More informationIRB Application for Medical Records Review Request
Office of Regulatory Research Compliance Institutional Review Board FORM B1 : Medial Records Review Application FORM B1 IRB Application for Medical Records Review Request Principal Investigator: Email:
More informationYale University Open Data Access (YODA) Project Procedures to Guide External Investigator Access to Clinical Trial Data Last Updated August 2015
OVERVIEW Yale University Open Data Access (YODA) Project These procedures support the YODA Project Data Release Policy and more fully describe the process by which clinical trial data held by a third party,
More informationHIPAA-P06 Use and Disclosure of De-identified Data and Limited Data Sets
HIPAA-P06 Use and Disclosure of De-identified Data and Limited Data Sets FULL POLICY CONTENTS Scope Policy Statement Reason for Policy Definitions ADDITIONAL DETAILS Web Address Forms Related Information
More informationSecure Cloud Computing Concepts Supporting Big Data in Healthcare. Ryan D. Pehrson Director, Solutions & Architecture Integrated Data Storage, LLC
Secure Cloud Computing Concepts Supporting Big Data in Healthcare Ryan D. Pehrson Director, Solutions & Architecture Integrated Data Storage, LLC Learning Objectives After this session, the learner should
More informationHIPAA/HITECH Compliance Using VMware vcloud Air
Last Updated: September 23, 2014 White paper Introduction This paper is intended for security, privacy, and compliance officers whose organizations must comply with the Privacy and Security Rules of the
More informationCloud Data Security. Sol Cates CSO @solcates scates@vormetric.com
Cloud Data Security Sol Cates CSO @solcates scates@vormetric.com Agenda The Cloud Securing your data, in someone else s house Explore IT s Dirty Little Secret Why is Data so Vulnerable? A bit about Vormetric
More informationNegotiating EHR Acquisition Contracts
Negotiating EHR Acquisition Contracts Key Strategies, Terms and Conditions Louisa Barash, Esq. & Jane Eckels, Esq. The Art and Skill of Negotiations Painful Contract Negotiations Take too long Are too
More informationDetecting Anomalous Behavior with the Business Data Lake. Reference Architecture and Enterprise Approaches.
Detecting Anomalous Behavior with the Business Data Lake Reference Architecture and Enterprise Approaches. 2 Detecting Anomalous Behavior with the Business Data Lake Pivotal the way we see it Reference
More informationWhat is Covered by HIPAA at VCU?
What is Covered by HIPAA at VCU? The Privacy Rule was designed to protect private health information from incidental disclosures. The regulations specifically apply to health care providers, health plans,
More informationIBM Software Four steps to a proactive big data security and privacy strategy
Four steps to a proactive big data security and privacy strategy Elevate data security to the boardroom agenda Contents 2 Introduction You ve probably heard the saying Data is the new oil. Just as raw
More informationLegal Insight. Big Data Analytics Under HIPAA. Kevin Coy and Neil W. Hoffman, Ph.D. Applicability of HIPAA
Big Data Analytics Under HIPAA Kevin Coy and Neil W. Hoffman, Ph.D. Privacy laws and regulations such as the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule can have a significant
More informationARX A Comprehensive Tool for Anonymizing Biomedical Data
ARX A Comprehensive Tool for Anonymizing Biomedical Data Fabian Prasser, Florian Kohlmayer, Klaus A. Kuhn Chair of Biomedical Informatics Institute of Medical Statistics and Epidemiology Rechts der Isar
More informationData Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan
WHITE PAPER Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan Introduction to Data Privacy Today, organizations face a heightened threat landscape with data
More informationAccess Control patient centric selective sharing Emergency Access Information Exchange
Electronic Health Record Software Required Security Features and Recommendations for Technical Specifications of Single Source Contracts and RFI for the Behavioral Health Information Technology Grant Scope:
More informationOverview of the HIPAA Security Rule
Office of the Secretary Office for Civil Rights () Overview of the HIPAA Security Rule Office for Civil Rights Region IX Alicia Cornish, EOS Sheila Fischer, Supervisory EOS Topics Upon completion of this
More informationHIPAA and the HITECH Act
WHITE PAPER: THE HITECH BALANCING ACT The Hi-Tech Balancing Act: Securely Walking the Tightrope of Patient Care October 2009 By John McNeely President and CEO Sword & Shield Enterprise Security, Inc. [
More informationDIGITECH AND HIPAA COMPLIANCE
White Paper DIGITECH AND HIPAA COMPLIANCE April 2004 As HIPAA compliance becomes mandatory, Digitech Systems continues to proactively address the unique needs of the Health Care market. PaperVision Enterprise
More informationBridging Strategy and Data. Overview. Version 3.3.18.11
Bridging Strategy and Data Overview Version 3.3.18.11 2 PROBLEM: Top 3 reasons to mask data 3 1: Data Breach AXIS DATA MASKING There has been growing number of attacks on major enterprises. Insider fraud
More informationASCO s CancerLinQ aims to rapidly improve the overall quality of cancer care, and is the only major cancer data initiative being developed and led by
ASCO s CancerLinQ aims to rapidly improve the overall quality of cancer care, and is the only major cancer data initiative being developed and led by physicians. When complete, CancerLinQ will unlock real-world
More informationIRB Policy for Security and Integrity of Human Research Data
IRB Policy for Security and Integrity of Human Research Data Kathleen Hay Human Subjects Protection Office Terri Shkuda Research Informatics & Computing, Information Technology Overview of Presentation
More informationThis presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in
This presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in the HIPAA Omnibus Rule of 2013. As part of the American
More informationBig Data Integration and Governance Considerations for Healthcare
White Paper Big Data Integration and Governance Considerations for Healthcare by Sunil Soares, Founder & Managing Partner, Information Asset, LLC Big Data Integration and Governance Considerations for
More informationRecognition and Privacy Preservation of Paper-based Health Records
Quality of Life through Quality of Information J. Mantas et al. (Eds.) IOS Press, 2012 2012 European Federation for Medical Informatics and IOS Press. All rights reserved. doi:10.3233/978-1-61499-101-4-751
More informationSecondary Uses of Health Data IMPAC s Oncology Data Alliance Program
Secondary Uses of Health Data IMPAC s Oncology Data Alliance Program NCVHS August 1, 2007 Joel Goldwein, MD Senior Vice President, Medical Affairs IMPAC Medical Systems Inc. IMPAC Medical Systems, Inc.
More informationData Governance and Big Data - A Necessary Convergence. Richard Goldberg Chief Data Governance Officer Citibank Global Consumer Bank
Governance and Big - A Necessary Convergence Richard Goldberg Chief Governance Officer Citibank Global Consumer Bank Governance and Big A Necessary Convergence As our businesses continue to expand its
More informationDe-Identification of Clinical Data
De-Identification of Clinical Data Sepideh Khosravifar, CISSP Info Security Analyst IV Tyrone Grandison, PhD Manager, Privacy Research, IBM TEPR Conference 2008 Ft. Lauderdale, Florida May 17-21, 2008
More information<Insert Picture Here> Oracle Database Security Overview
Oracle Database Security Overview Tammy Bednar Sr. Principal Product Manager tammy.bednar@oracle.com Data Security Challenges What to secure? Sensitive Data: Confidential, PII, regulatory
More informationWinthrop-University Hospital
Winthrop-University Hospital Use of Patient Information in the Conduct of Research Activities In accordance with 45 CFR 164.512(i), 164.512(a-c) and in connection with the implementation of the HIPAA Compliance
More informationROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN
ROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN John Riley Vice President of Sales MediTract, Inc. Session Overview Overview of Compliance Regulations affecting Contract Management
More informationWhen HHS Calls, Will Your Plan Be HIPAA Compliant?
When HHS Calls, Will Your Plan Be HIPAA Compliant? Petula Workman, J.D., CEBS Division Vice President Compliance Counsel Gallagher Benefit Services, Inc., Sugar Land, Texas The opinions expressed in this
More informationOCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information
OCTOBER 2013 PART 1 Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information Part 1: How HIPAA affects electronic transfer of protected health information It is difficult
More informationIDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - De-identification of PHI 10030
IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - De-identification of PHI 10030 POLICY INFORMATION Major Functional Area (MFA): MFA X - Office of General Counsel & Compliance Policy
More informationDatabase Forensics. www.securityresearch.at. 2004-2009 Secure Business Austria
Database Forensics Edgar Weippl eweippl@securityresearch.at Presented by Johannes Heurix jheurix@securityresearch.at Secure Business Austria ISSI2009, NII Introduction [2] Importance of database forensics
More informationBig Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers
Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers March 2013 How Target Knew a High School Girl Was Pregnant Before Her Parents Did just because you can,
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Addendum is made part of the agreement between Boston Medical Center ("Covered Entity ) and ( Business Associate"), dated [the Underlying Agreement ]. In connection with
More informationHiSoftware Policy Sheriff. SP HiSoftware Security Sheriff SP. Content-aware. Compliance and Security Solutions for. Microsoft SharePoint
HiSoftware Policy Sheriff SP HiSoftware Security Sheriff SP Content-aware Compliance and Security Solutions for Microsoft SharePoint SharePoint and the ECM Challenge The numbers tell the story. According
More informationExtracting value from HIPAA Data James Yaple Jackson-Hannah LLC
Extracting value from HIPAA Data James Yaple Jackson-Hannah LLC Session Objectives Examine the value of realistic information in research and software testing Explore the challenges of de-identifying health
More informationHIPAA-P01 Uses and Disclosures of Protected Health Information Policy
HIPAA-P01 Uses and Disclosures of Protected Health Information Policy FULL POLICY CONTENTS Scope Policy Statement Reason for Policy Definitions Sanctions ADDITIONAL DETAILS Additional Contacts Web Address
More informationHIPAA initially went into effect April 14, 2003. HIPAA is a set of rules that is to be followed by doctors, hospitals and other health care providers.
HIPAA Health Insurance Portability and Accountability Act HIPAA initially went into effect April 14, 2003 HIPAA is a set of rules that is to be followed by doctors, hospitals and other health care providers.
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BA Agreement ) is entered into by Medtep Inc., a Delaware corporation ( Business Associate ) and the covered entity ( Covered Entity
More informationfuture proof data privacy
2809 Telegraph Avenue, Suite 206 Berkeley, California 94705 leapyear.io future proof data privacy Copyright 2015 LeapYear Technologies, Inc. All rights reserved. This document does not provide you with
More informationDIGITAL GUARDIAN 6. The Foundation of Enterprise Information Protection
SUSTAINABLE PROGRAM Forensics Case Management, Chain of Custody, ediscovery, Tamper Proof Automated Controls Alert, Prompt, Block, Encrypt DIGITAL GUARDIAN 6 Data Classification Tagging, Context, Content,
More informationBackup and Data Protection for Hospitals
Backup and Data Protection for Hospitals Backup and Data Protection for Hospitals The implementation of Electronic Medical Records for the US healthcare system has made the management of data more difficult
More informationSocietal benefits vs. privacy: what distributed secure multi-party computation enable? Research ehelse 2015 21-22 April Oslo
Privacy Societal benefits vs. privacy: what distributed secure multi-party computation enable? Research ehelse 2015 21-22 April Oslo Kassaye Yitbarek Yigzaw UiT The Arctic University of Norway Outline
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is entered into by and between Professional Office Services, Inc., with principal place of business at PO Box 450, Waterloo,
More informationHIPAA Email Compliance & Privacy. What You Need to Know Now
HIPAA Email Compliance & Privacy What You Need to Know Now Introduction The Health Insurance Portability and Accountability Act of 1996 (HIPAA) places a number of requirements on the healthcare industry
More informationWhite Paper Achieving HIPAA Compliance through Security Information Management. White Paper / HIPAA
White Paper Achieving HIPAA Compliance through Security Information Management White Paper / HIPAA Contents Executive Summary... 1 Introduction: Brief Overview of HIPAA... 1 The HIPAA Challenge: Protecting
More information