Cloud Computing in the Defense Health Agency
2014 Defense Health Information Technology Symposium
Maj Todd Roman, SM Project Officer
Mr. Andrew Jake Jacobs, Strategy Officer

DHA Vision
A joint, integrated, premier system of health, supporting those who serve in the defense of our country.

Learning Objectives
- Understand the Fundamental Benefits of Cloud Computing
- Realize Challenges for Cloud Adoption
- Identify Compliance with DoD Requirements for Entering the Cloud
- Recognize Contractual Concerns with DoD Cloud

Agenda
- Learning Objectives
- Benefits of Cloud Computing
- Exchanging Data with Partners
- Challenges of Cloud Computing within Healthcare
- DoD Cloud Computing Requirements
- Reaching the Cloud
- Med-COI FOC State
- Contractual Concerns with DoD Cloud

Benefits of Cloud Computing
- Cloud computing offers the government an opportunity to be more efficient, agile, and innovative through more effective use of IT investments.
- The government can use cloud computing to rid itself of billions annually in duplicative IT spending.
*Source: FY 2012 President's Budget position for DHP O&M. Includes Normal Cost contributions to the Medicare Eligible Retiree Health Care Fund (MERHCF).

Exchanging Data with Partners
- Department of Veteran Affairs (VA)
- Department of Health and Human Services (HHS)
- Centers for Medicare and Medicaid (CMS)
- Federal Drug Administration (FDA)
- Health Information Exchanges (HIE) (created by ACA)
  - More than 100 across the country
  - No Industry Standard Interfaces
- Additional requirements to meet Office of National Coordinator (ONC) for Health Information

Challenges of Cloud Computing within Healthcare
- Federal Cloud Computing Strategy
- Security Controls Compliance
- Cloud Brokerage

DoD Cloud Computing Requirements
DISA ECSB Security Model
- Level 1: U-Public, NA-L-x
- Level 2: U-Limited Access
- Level 3: CUI, L-M-x
- Level 4: CUI, M-M-x
- Level 5: CUI, H-H-x
- Level 6: Classified
The DoD is currently operating between levels 4 and 5 of the DISA ECSB Security Model.

HITECH Act
- Health Information Technology for Economic and Clinical Health (HITECH)
- Data Ownership
- Office of the General Counsel (OGC)
- Privacy Office
While increasing the use of electronic health records, securing patient health information (PHI) remains a major component of the HITECH Act.

Reaching the Cloud
- Creating an enterprise-wide digital backbone
- Increase Speed, Mobility and Collaboration of Healthcare
- Encourage the healthcare industry to meet DoD specific security requirements
- Separate the Healthcare Network from the DoD Information Network (DoDIN)
- Establish the Medical Community of Interest (MEDCOI)
- Support the Joint Information Environment (JIE)

Cloud Adoption
Catalyzing Cloud Adoption
- Leveraging cloud computing accelerators
- Ensuring a secure, trustworthy environment
- Streamlining procurement process
- Establishing cloud computing standards
- Recognizing the international dimensions of cloud computing
- Laying a solid governance foundation
*Source: http://csrc.nist.gov/groups/sns/cloud-computing/, http://www.nist.gov/itl/cloud/index.cfm

Medical Community of Interest (Med-COI) FOC State
[Figure: OV-1, Medical Community of Interest Network (Med-COI) Final Operation Configuration (proposed). Legend groups: DoD / VA Data Interoperability; Commercial Business Partners and Service Providers; JIE Common / Core Services; DoD Mission Partners.]
Notes:
* Sharing Sites and extension to Sites in Joint Market Areas Post Phase 3
** Confidentiality Service (IP-SEC) maintained for PHI/PII Data Types

Contractual Concerns with DoD Cloud
- Business Associates Agreements (BAAs) - need to be evaluated down to the lowest subcontractor to support Privacy Impact Assessment (PIA)
- Service Level Agreements (SLAs) - need to be reviewed down to the lowest subcontractor level for PIA
- Federal Risk and Authorization Management Program (FedRAMP) - certifications need to be validated
- Ongoing Monitoring
  - What will you do to ensure monitoring according to FedRAMP/DoD requirements?
- Private or Public Cloud considerations
  - FedRAMP, NIST, and ECSB all require Private for PHI.
- Cloud is NOT outsourced IT
  - Full Infrastructure, Platform and Software Security compliance needs to be assessed
- Data Ownership
  - Who owns the data within the system and what is it used for?
  - What happens to the data when you terminate this contract?
  - What happens if a subcontractor goes out of business?

Come see us if
- You're already operating in the cloud
- You plan to be in the cloud

Evaluations
Please don't forget to submit your evaluations!

Speaker Info
Andrew Jake Jacobs, ITILv3, Net +, CHSP, CEP, VEP
Acting Branch Chief, Strategy and Planning, Innovation and Advanced Technology Development (IATD) Division
Andrew.Jacobs@dha.mil
703-681-6759

MAJ Todd Roman, USAF MSC, CAAMA
Project Officer, Secure Messaging, Defense Health Services Systems (DHSS)
Todd.Roman@dha.mil
703-681-9634

QUESTIONS