1 / 14

HIPAA

HIPAA. Security. Please review this presentation on HIPAA Security. When you are finished you will receive a sign-off sheet with instructions on returning it. If you have any questions, please contact Sheila Kline at 585-719-3160 or skline@depaul.org. HIPAA Security Presentation. Four

Download Presentation

HIPAA

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. HIPAA Security

  2. Please review this presentation on HIPAA Security. When you are finished you will receive a sign-off sheet with instructions on returning it. If you have any questions, please contact Sheila Kline at 585-719-3160 or skline@depaul.org HIPAA Security Presentation

  3. Four Major Requirements Under HIPAA

  4. 1. Develop Administrative Procedures • Write Policies & procedures related to security of our systems • Implement a Disaster recovery plans

  5. 2. Ensure Physical Safeguards • Keep Servers in a secure location • Keep Offices and file cabinets locked

  6. 3. Implement Technical Security Services • Control Access – who are the users & security levels • Audit – who can access data & who did access data

  7. 4. Institute Technical Security Mechanisms • User accounts and passwords • Virus protection • Firewalls • Data transfer protocols, file encryption • Secure, monitored servers (MIS department responsibilities)

  8. What Are Electronic Files? Information stored on • Computers • Laptops • PDA’s • Floppies • CD’s • DVD’s • Zip Disks • Flash Drives Reasonable measures need to occur to keep these items secure. Laptops, CDs, DVD’s, Floppies and Flash drives need to be stored in a locked area if they contain PHI.

  9. What can you do to help?

  10. Employee Security Rules • E-mail • Do not use e-mail to communicate confidential information • Depaul.org email is NOT secure • AWARDS messaging is HIPPA Compliant • FAX Transmissions • Use cover sheet with the DePaul disclaimer • Know who you are faxing • Dial the correct number or use speed-dial when possible • Verify receipt of fax • Keep fax machines in private areas • Conversations in public places • Be aware of where you are and who can hear you

  11. Employee Security Rules • Be aware of who can hear your Voicemail messages or conversations on Speaker Phone • Written Correspondence • Keep confidential and secure • Do not leave PHI out in the open on your desk • Ensure that doors, desks and cabinets are locked • If you do not have a locked area to keep PHI contact your supervisor • Be aware of who can observe data you are entering or displayed on your monitor • Do not leave confidential information on your computer screen • Lock your computer before leaving your workspace for any length of time (ctrl+alt+delete)

  12. Employee Security Rules • Do not install or download any software on your computer • All software on DePaul computers must be authorized by the MIS Dept. • File transfer programs can create security loop holes • Data Minor programs installed inadvertently while surfing the internet can search for data on your computer. • Phones • Do not use speaker phone when listening to voicemail when PHI could be discussed • Be aware of who can hear speakerphone or conference call conversations.

  13. Employee Security Rules • Passwords • Never give your passwords to another user • Change often (every 3 months or sooner) • Be creative when thinking of a password. • do not store passwords near your computer. • Never login and allow other staff to access databases under your user name and password. • If a new staff person needs rights to a database – they need to contact the MIS Department. • If a staff person does not have all the rights they need to complete their job in a database – they need to contact the MIS Department – not use another staff’s database credentials.

  14. If you have any questions regarding HIPAA Security, please contact Sheila Kline 585-719-3160 or skline@depaul.org Click here to access the sign-off sheet.

More Related