HIPAA: Developing Healthcare Software Under The Privacy Rule

About This Presentation
Title:

HIPAA: Developing Healthcare Software Under The Privacy Rule

Number of Views:27
Avg rating:3.0/5.0
Slides: 12
Provided by: bryan62
Transcript and Presenter's Notes


1
HIPAA: Developing Healthcare Software Under The Privacy Rule
  • Bryan Swann, BEE 1996
  • Development Manager Telehealth Products
  • Patient Care Technologies

2
HIPAA
  • Health Insurance Portability and Accountability Act of 1996.
  • The Privacy Rule standards address the use and disclosure of individuals' health information, called protected health information (PHI).

3
HIPAA
  • A major goal of the Privacy Rule is to assure that individuals' health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well-being.

4
HIPAA
  • Who is covered? Health care providers (covered entities) and business associates (health care operations).
  • What is covered? All "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral (PHI).

5
well_at_home
  • Windows CE based computer, shell locked
  • Integrated vital sign measuring devices
  • Touch screen, no text entry needed
  • Provides medication reminders, educational
    content, and symptom reporting through EMR
  • Communicates using Windows DUN (Dial-Up Networking) and HTTP(S) transactions

6
Securing Communications
  • RAS authentication with embedded credentials
  • IIS authentication with embedded NT Domain
    credentials
  • Application level authentication with embedded
    user account credentials
  • Session identifier
  • Data encrypted through HTTPS
  • VPN Tunnels

7
Patient Monitor and HIPAA
  • Lack of patient identifiable information
    (demographics) allows EMR to be stored on monitor
    while still meeting HIPAA requirements
  • Proprietary nature of database
  • Theft of device and street value

8
Web Application and HIPAA
  • Exposed to the public internet
  • Session required
  • Session timeout
  • Audit process for every URL request except images
  • Network configuration
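The three web-application controls listed above (a session required for every request, an idle session timeout, and an audit record for every URL request except images) as a small Python illustration. This is an added example, not code from the well_at_home product; the in-memory session store, the 15-minute idle timeout, the image extension list and the audit record fields are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

# File extensions treated as images: these requests are served but not audited.
IMAGE_EXTENSIONS = {".gif", ".jpg", ".jpeg", ".png", ".bmp", ".ico"}
# Idle time (seconds) after which a session is considered expired. Constructed value.
SESSION_IDLE_TIMEOUT = 15 * 60


@dataclass
class Session:
    user: str
    last_seen: float  # timestamp of the last request that used this session


class SessionStore:
    """In-memory session table with a sliding idle timeout (assumed design)."""

    def __init__(self, timeout: float = SESSION_IDLE_TIMEOUT) -> None:
        self.timeout = timeout
        self._sessions: dict[str, Session] = {}

    def create(self, session_id: str, user: str, now: float) -> None:
        self._sessions[session_id] = Session(user, now)

    def lookup(self, session_id: str, now: float) -> Optional[Session]:
        """Return the live session and refresh its idle timer; drop it if it timed out."""
        session = self._sessions.get(session_id)
        if session is None:
            return None
        if now - session.last_seen > self.timeout:
            del self._sessions[session_id]
            return None
        session.last_seen = now
        return session


def is_image_request(url: str) -> bool:
    path = urlsplit(url).path.lower()
    return any(path.endswith(ext) for ext in IMAGE_EXTENSIONS)


def handle_request(store: SessionStore, audit_log: list, method: str, url: str,
                   session_id: Optional[str], now: float) -> int:
    """Enforce 'session required' and return the HTTP status; audit non-image requests."""
    session = store.lookup(session_id, now) if session_id else None
    status = 200 if session else 401
    if not is_image_request(url):
        # Record the path only: query strings may carry patient identifiers.
        audit_log.append({"ts": now, "user": session.user if session else "-",
                          "method": method, "path": urlsplit(url).path, "status": status})
    return status
```

Image requests still require a live session; they are simply left out of the audit trail, as the slide describes.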

9
Software Support
  • AAA (authentication, authorization, accounting)
  • VPN to client network
  • Pulling PHI into our network

10
Policies and Procedures
  • HIPAA requires them
  • Workforce training and sanctions
  • Data safeguards: laptop security, server security, document shredding

11
Security and the Future
  • Eliminating IIS
  • Open source platforms
  • Proprietary communication protocol