ACO Accountable Care Organizations: Cooperative Healthcare Requires Cooperative Security. It's a Team Sport.




Transcription:

ACO Accountable Care Organizations: Cooperative Healthcare Requires Cooperative Security. It's a Team Sport.
Robby Gulri, VP, Product Marketing, gulri@echoworx.com
8/28/13

Industry leading Education
Certified Partner Program
Please ask questions
For today's slides: http://compliancy-group.com/slides023/
Today's & past webinars go to: http://compliancy-group.com/webinar/
#CGwebinar 855.85HIPAA www.compliancygroup.com

Real Stats in the Field

ACO Accountable Care Organizations: Definition
  Accountable Care Organizations (ACOs) are groups of doctors, hospitals, and other health care providers who come together voluntarily to give coordinated, high-quality care to their Medicare patients.
  The goal of coordinated care is to ensure that patients get the right care at the right time, while avoiding unnecessary duplication of services and preventing medical errors.
  Share in the savings it achieves for the Medicare program.

ACO Illustrated

Encryption requirements for ACOs
Requirements
  Scan, Encrypt or Block outbound email
    Compliance (PHI, PAN, etc.)
    Confidential or Sensitive information
  Business Process Enablement for Efficiency
    Replace paper-based processes
    Loan applications, regulatory filings
    Medical records, insurance claims, and information exchange
  Automated eDocument Delivery
    Email distribution of documents containing private information
    Bank, mortgage, credit card statements
    Bills and invoices
    Insurance policies and claims

The Players within ACOs
  Providers
    As networks of providers, ACOs are composed mostly of hospitals, physicians, and other healthcare professionals.
  Payers
    The federal government, in the form of Medicare, will be the primary payer of an ACO.
    Other payers include private insurance or employer-purchased insurance.
  Patients
    An ACO's patient population will primarily consist of Medicare beneficiaries.

ACOs and Health Care IT
Encryption, Security of Data at Rest and in Motion

4 Essential Technologies for effective ACOs
  HIEs (Healthcare Information Exchange)
    Portal
    Secure Email Push / Pull
  Analytics
    Reporting
    Dashboards
  Care Management applications
    Tele Medicine
    Remote Patient Monitoring
  Encryption & Security Applications
    Document Encryption
    Email Encryption

Security Framework for ACOs
Secure, online environment which allows for controlled access to and sharing of data on a variety of levels between stakeholders
  Access to aggregate cost and quality trends by governance and project teams
  Secure repository for shared aggregate and detailed data
  Sharing of patient-specific clinical data between responsible caregivers

Tools required for Secure Communications
Source: AT&T Compliance Report 2013

Push / Pull Support

Complying with HIPAA for ACOs
  Becomes even more important as information is constantly being exchanged across multiple organizations and providers
  More scrutiny and enforcement of HIPAA Omnibus
  Encryption becomes an important compliance tool and weapon

HIPAA Encryption Requirements
  Standard ~ Transmission Security: Implement technical security measures to guard against unauthorized access to PHI that is being transmitted over an electronic communications network. 45 CFR 164.312(e)(1)
  Addressable Implementation Feature ~ Implement a mechanism to encrypt electronic protected health information whenever deemed appropriate. 45 CFR 164.312(e)(2)(ii)
  Email containing PHI requires Encryption

Addressable: Implementation of encryption is not optional
Addressable implementation features are not optional; they must be addressed. The HCO must either:
  1. Implement the feature, or
  2. Document why it's not reasonable and appropriate to implement the feature, and implement an equivalent alternative measure when reasonable and appropriate

Omnibus & Email Encryption
  More enforcement with Omnibus
  Direct liability for both Covered Entities and Business Associates
  More parties involved with PHI exchange
  Breach definition has changed
    Breach is presumed, and you have to prove why a breach didn't occur
  Increased penalties for liability

Echoworx Snapshot

Thank you

HIPAA Compliance
HITECH Attestation
Omnibus Rule Ready
Meaningful Use core measure 15
Free Demo and 60 Day Evaluation
www.compliancy-group.com
HIPAA Hotline 855.85HIPAA 855.854.4722