SlideShare a Scribd company logo

HIPAA and E-Mail: Protecting PHI

Maurene Caplan Grey
Maurene Caplan Grey

Topics: -How is the role of messaging evolving within the healthcare community? - What best practices should healthcare providers take to comply with regulations and plan for the future.

TechnologyHealth & Medicine
1 of 18
HIPAA and E-Mail: Protecting PHI Maurene Caplan Grey Founder, Principal Analyst
HIPAA “101” ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Today’s Topics ,[object Object],[object Object]
Healthcare Industry Evolution Targeted treatments Focus on wellness Customer is the consumer Mass market treatment Focus on illness Customer is the doctor
Increasing Self-Management via E-Mail Physicians, Pharmacists, Peers… Source: Health Data Management Magazine, “Quick Poll,” 9 Sept 2005 Physician resistance to communicating with patients via e-mail is decreasing. I wonder if I have diabetes? What more can I find out? What are other people doing to control it? Patient = Consumer Is this serious? Do I need a checkup? 32.43 24 Disagree 67.7 50 Agree Percentage Respondents
Using an Online Consultation System for Self-Management
PHI within the Healthcare Community Patient’s PHI stored as record by the hospital. PHI sent to lab Insurance company stores patient record Lab report sent to doctor Hospital MD gathers PHI from patient Invoice sent to patient’s healthcare insurance
The New Healthcare Community Suppliers Providers Payers Employers Government Consumers Physicians Life Sciences
Today’s Topics ,[object Object],[object Object]
Why Security and Privacy Policies Fail Rulings are ambiguous and untested Poor or no business processes Social engineering Wrong technology Right technology, poorly implemented No auditing Lack of user training Poor or no governance Rulings change Fraud “ Lost” PHI Local hard drives, cache, memory sticks, PDAs, smart phones, server storage, application data stores…
Approach 1: Gateway 1) File uploads to gateway 2) E-mail sent to recipient with URL that points to file 3) Recipient clicks on URL, authenticates to the gateway and downloads file Often used for ad hoc relationships
Approach 2: End-to-End, Gateway 1) File sent to gateway 2) E-mail sent to recipient with URL that points to file 3) Recipient clicks on URL, authenticates to gateway and downloads file Often used for ad hoc relationships, where extra security is required Commercial PGP, OpenPGP, S/MIME … Commercial PGP, OpenPGP, S/MIME …
Approach 3: Gateway-to-Gateway Sender Recipient Sender’s gateway to recipient’s gateway Recipient Sender Often used for trusted relationships
Approach 4: End-to-End, Gateway-to-Gateway Sender’s gateway to recipient’s gateway Often used for trusted relationships, where extra security is required Commercial PGP, OpenPGP, S/MIME … Commercial PGP, OpenPGP, S/MIME … Sender Recipient Recipient Sender
Scenario: University with Teaching Hospital ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Training
What You Need To Do Now – People and Business ,[object Object],[object Object],[object Object],[object Object]
What You Need To Do Now – Technology ,[object Object],[object Object],[object Object],[object Object]
For further information on this topic, contact Grey Consulting [email_address] 845.531.5050 www.grey-consulting.com making messaging and collaboration work

Recommended

What Does Openness Mean to the Web Manager?
What Does Openness Mean to the Web Manager?What Does Openness Mean to the Web Manager?
What Does Openness Mean to the Web Manager?lisbk
 
Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...
Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...
Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...lisbk
 
Beyond Compliance - A Holistic Approach to Web Accessibility
Beyond Compliance - A Holistic Approach to Web AccessibilityBeyond Compliance - A Holistic Approach to Web Accessibility
Beyond Compliance - A Holistic Approach to Web Accessibilitylisbk
 
What Does Openness Mean To The Openness Museum Community
What Does Openness Mean To The Openness Museum CommunityWhat Does Openness Mean To The Openness Museum Community
What Does Openness Mean To The Openness Museum Communitylisbk
 
Accessibility 2.0: People, Policies and Processes
Accessibility 2.0: People, Policies and ProcessesAccessibility 2.0: People, Policies and Processes
Accessibility 2.0: People, Policies and Processeslisbk
 
Benefits of the Social Web: How Can It Help My Museum?
Benefits of the Social Web: How Can It Help My Museum?Benefits of the Social Web: How Can It Help My Museum?
Benefits of the Social Web: How Can It Help My Museum?lisbk
 
Engagement, Impact, Value: Measuring and Maximising Impact Using the Social Web
Engagement, Impact, Value: Measuring and Maximising Impact Using the Social WebEngagement, Impact, Value: Measuring and Maximising Impact Using the Social Web
Engagement, Impact, Value: Measuring and Maximising Impact Using the Social Weblisbk
 
From Web Accessibility 2.0 to Web Adaptability (1.0)
From Web Accessibility 2.0 to Web Adaptability (1.0)From Web Accessibility 2.0 to Web Adaptability (1.0)
From Web Accessibility 2.0 to Web Adaptability (1.0)lisbk
 

Recommended

What Does Openness Mean to the Web Manager?
What Does Openness Mean to the Web Manager?What Does Openness Mean to the Web Manager?
What Does Openness Mean to the Web Manager?lisbk
 
Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...
Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...
Contextual Web Accessibility - Maximizing the Benefit of Accessibility Guidel...lisbk
 
Beyond Compliance - A Holistic Approach to Web Accessibility
Beyond Compliance - A Holistic Approach to Web AccessibilityBeyond Compliance - A Holistic Approach to Web Accessibility
Beyond Compliance - A Holistic Approach to Web Accessibilitylisbk
 
What Does Openness Mean To The Openness Museum Community
What Does Openness Mean To The Openness Museum CommunityWhat Does Openness Mean To The Openness Museum Community
What Does Openness Mean To The Openness Museum Communitylisbk
 
Accessibility 2.0: People, Policies and Processes
Accessibility 2.0: People, Policies and ProcessesAccessibility 2.0: People, Policies and Processes
Accessibility 2.0: People, Policies and Processeslisbk
 
Benefits of the Social Web: How Can It Help My Museum?
Benefits of the Social Web: How Can It Help My Museum?Benefits of the Social Web: How Can It Help My Museum?
Benefits of the Social Web: How Can It Help My Museum?lisbk
 
Engagement, Impact, Value: Measuring and Maximising Impact Using the Social Web
Engagement, Impact, Value: Measuring and Maximising Impact Using the Social WebEngagement, Impact, Value: Measuring and Maximising Impact Using the Social Web
Engagement, Impact, Value: Measuring and Maximising Impact Using the Social Weblisbk
 
From Web Accessibility 2.0 to Web Adaptability (1.0)
From Web Accessibility 2.0 to Web Adaptability (1.0)From Web Accessibility 2.0 to Web Adaptability (1.0)
From Web Accessibility 2.0 to Web Adaptability (1.0)lisbk
 
Implementing A Holistic Approach To E-Learning Accessibility
Implementing A Holistic Approach To E-Learning AccessibilityImplementing A Holistic Approach To E-Learning Accessibility
Implementing A Holistic Approach To E-Learning Accessibilitylisbk
 
From Web Accessibility to Web Adaptability
From Web Accessibility to Web AdaptabilityFrom Web Accessibility to Web Adaptability
From Web Accessibility to Web Adaptabilitylisbk
 
What Can We Learn From Amplified Events?
What Can We Learn From Amplified Events?What Can We Learn From Amplified Events?
What Can We Learn From Amplified Events?lisbk
 
This Year's Technology That Has Blown Me Away
This Year's Technology That Has Blown Me AwayThis Year's Technology That Has Blown Me Away
This Year's Technology That Has Blown Me Awaylisbk
 
The Future for Educational Resource Repositories in a Web 2.0 World
The Future for Educational Resource Repositories in a Web 2.0 WorldThe Future for Educational Resource Repositories in a Web 2.0 World
The Future for Educational Resource Repositories in a Web 2.0 Worldlisbk
 
Organisational Use of Twitter
Organisational Use of TwitterOrganisational Use of Twitter
Organisational Use of Twitterlisbk
 
UKWebFocus blog posts
UKWebFocus blog postsUKWebFocus blog posts
UKWebFocus blog postslisbk
 
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...lisbk
 
Building an Accessible Digital Institution
Building an Accessible Digital InstitutionBuilding an Accessible Digital Institution
Building an Accessible Digital Institutionlisbk
 
Why Impact, ROI and Marketing are No Longer Dirty Words
Why Impact, ROI and Marketing are No Longer Dirty WordsWhy Impact, ROI and Marketing are No Longer Dirty Words
Why Impact, ROI and Marketing are No Longer Dirty Wordslisbk
 
Welcome to IWMW 2010
Welcome to IWMW 2010Welcome to IWMW 2010
Welcome to IWMW 2010lisbk
 
The Social Aspect Of Resource Discovery
The Social Aspect Of Resource DiscoveryThe Social Aspect Of Resource Discovery
The Social Aspect Of Resource Discoverylisbk
 
BS 8878 and the Holistic Approaches to Web Accessibility
BS 8878 and the Holistic Approaches to Web AccessibilityBS 8878 and the Holistic Approaches to Web Accessibility
BS 8878 and the Holistic Approaches to Web Accessibilitylisbk
 
Engagement, Impact, Value: Introduction
Engagement, Impact, Value: Introduction Engagement, Impact, Value: Introduction
Engagement, Impact, Value: Introduction lisbk
 
Short brown presentation 26th june 2011
Short brown presentation 26th june 2011Short brown presentation 26th june 2011
Short brown presentation 26th june 2011Gillian Brown
 
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)lisbk
 
E health presentation 28th june 2011
E health presentation 28th june 2011E health presentation 28th june 2011
E health presentation 28th june 2011Nick Short
 
Digital Life Beyond The Institution
Digital Life Beyond The InstitutionDigital Life Beyond The Institution
Digital Life Beyond The Institutionlisbk
 
Preparing Our Users For Digital Life Beyond the Institution
Preparing Our Users For Digital Life Beyond the InstitutionPreparing Our Users For Digital Life Beyond the Institution
Preparing Our Users For Digital Life Beyond the Institutionlisbk
 
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...lisbk
 
Issues in Mobile Health (Barbara Mittleman)
Issues in Mobile Health (Barbara Mittleman)Issues in Mobile Health (Barbara Mittleman)
Issues in Mobile Health (Barbara Mittleman)yan_stanford
 
Anatomy of an EMR System
Anatomy of an EMR SystemAnatomy of an EMR System
Anatomy of an EMR SystemHal Amens
 

More Related Content

What's hot

Implementing A Holistic Approach To E-Learning Accessibility
Implementing A Holistic Approach To E-Learning AccessibilityImplementing A Holistic Approach To E-Learning Accessibility
Implementing A Holistic Approach To E-Learning Accessibilitylisbk
 
From Web Accessibility to Web Adaptability
From Web Accessibility to Web AdaptabilityFrom Web Accessibility to Web Adaptability
From Web Accessibility to Web Adaptabilitylisbk
 
What Can We Learn From Amplified Events?
What Can We Learn From Amplified Events?What Can We Learn From Amplified Events?
What Can We Learn From Amplified Events?lisbk
 
This Year's Technology That Has Blown Me Away
This Year's Technology That Has Blown Me AwayThis Year's Technology That Has Blown Me Away
This Year's Technology That Has Blown Me Awaylisbk
 
The Future for Educational Resource Repositories in a Web 2.0 World
The Future for Educational Resource Repositories in a Web 2.0 WorldThe Future for Educational Resource Repositories in a Web 2.0 World
The Future for Educational Resource Repositories in a Web 2.0 Worldlisbk
 
Organisational Use of Twitter
Organisational Use of TwitterOrganisational Use of Twitter
Organisational Use of Twitterlisbk
 
UKWebFocus blog posts
UKWebFocus blog postsUKWebFocus blog posts
UKWebFocus blog postslisbk
 
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...lisbk
 
Building an Accessible Digital Institution
Building an Accessible Digital InstitutionBuilding an Accessible Digital Institution
Building an Accessible Digital Institutionlisbk
 
Why Impact, ROI and Marketing are No Longer Dirty Words
Why Impact, ROI and Marketing are No Longer Dirty WordsWhy Impact, ROI and Marketing are No Longer Dirty Words
Why Impact, ROI and Marketing are No Longer Dirty Wordslisbk
 
Welcome to IWMW 2010
Welcome to IWMW 2010Welcome to IWMW 2010
Welcome to IWMW 2010lisbk
 
The Social Aspect Of Resource Discovery
The Social Aspect Of Resource DiscoveryThe Social Aspect Of Resource Discovery
The Social Aspect Of Resource Discoverylisbk
 
BS 8878 and the Holistic Approaches to Web Accessibility
BS 8878 and the Holistic Approaches to Web AccessibilityBS 8878 and the Holistic Approaches to Web Accessibility
BS 8878 and the Holistic Approaches to Web Accessibilitylisbk
 
Engagement, Impact, Value: Introduction
Engagement, Impact, Value: Introduction Engagement, Impact, Value: Introduction
Engagement, Impact, Value: Introduction lisbk
 
Short brown presentation 26th june 2011
Short brown presentation 26th june 2011Short brown presentation 26th june 2011
Short brown presentation 26th june 2011Gillian Brown
 
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)lisbk
 
E health presentation 28th june 2011
E health presentation 28th june 2011E health presentation 28th june 2011
E health presentation 28th june 2011Nick Short
 
Digital Life Beyond The Institution
Digital Life Beyond The InstitutionDigital Life Beyond The Institution
Digital Life Beyond The Institutionlisbk
 
Preparing Our Users For Digital Life Beyond the Institution
Preparing Our Users For Digital Life Beyond the InstitutionPreparing Our Users For Digital Life Beyond the Institution
Preparing Our Users For Digital Life Beyond the Institutionlisbk
 
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...lisbk
 

What's hot (20)

Implementing A Holistic Approach To E-Learning Accessibility
Implementing A Holistic Approach To E-Learning AccessibilityImplementing A Holistic Approach To E-Learning Accessibility
Implementing A Holistic Approach To E-Learning Accessibility
 
From Web Accessibility to Web Adaptability
From Web Accessibility to Web AdaptabilityFrom Web Accessibility to Web Adaptability
From Web Accessibility to Web Adaptability
 
What Can We Learn From Amplified Events?
What Can We Learn From Amplified Events?What Can We Learn From Amplified Events?
What Can We Learn From Amplified Events?
 
This Year's Technology That Has Blown Me Away
This Year's Technology That Has Blown Me AwayThis Year's Technology That Has Blown Me Away
This Year's Technology That Has Blown Me Away
 
The Future for Educational Resource Repositories in a Web 2.0 World
The Future for Educational Resource Repositories in a Web 2.0 WorldThe Future for Educational Resource Repositories in a Web 2.0 World
The Future for Educational Resource Repositories in a Web 2.0 World
 
Organisational Use of Twitter
Organisational Use of TwitterOrganisational Use of Twitter
Organisational Use of Twitter
 
UKWebFocus blog posts
UKWebFocus blog postsUKWebFocus blog posts
UKWebFocus blog posts
 
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...
Empowering Users and Institutions: A Risks and Opportunities Framework for Ex...
 
Building an Accessible Digital Institution
Building an Accessible Digital InstitutionBuilding an Accessible Digital Institution
Building an Accessible Digital Institution
 
Why Impact, ROI and Marketing are No Longer Dirty Words
Why Impact, ROI and Marketing are No Longer Dirty WordsWhy Impact, ROI and Marketing are No Longer Dirty Words
Why Impact, ROI and Marketing are No Longer Dirty Words
 
Welcome to IWMW 2010
Welcome to IWMW 2010Welcome to IWMW 2010
Welcome to IWMW 2010
 
The Social Aspect Of Resource Discovery
The Social Aspect Of Resource DiscoveryThe Social Aspect Of Resource Discovery
The Social Aspect Of Resource Discovery
 
BS 8878 and the Holistic Approaches to Web Accessibility
BS 8878 and the Holistic Approaches to Web AccessibilityBS 8878 and the Holistic Approaches to Web Accessibility
BS 8878 and the Holistic Approaches to Web Accessibility
 
Engagement, Impact, Value: Introduction
Engagement, Impact, Value: Introduction Engagement, Impact, Value: Introduction
Engagement, Impact, Value: Introduction
 
Short brown presentation 26th june 2011
Short brown presentation 26th june 2011Short brown presentation 26th june 2011
Short brown presentation 26th june 2011
 
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)
The Web Management Community: Beyond IWMW and JISCMail Lists (#A4)
 
E health presentation 28th june 2011
E health presentation 28th june 2011E health presentation 28th june 2011
E health presentation 28th june 2011
 
Digital Life Beyond The Institution
Digital Life Beyond The InstitutionDigital Life Beyond The Institution
Digital Life Beyond The Institution
 
Preparing Our Users For Digital Life Beyond the Institution
Preparing Our Users For Digital Life Beyond the InstitutionPreparing Our Users For Digital Life Beyond the Institution
Preparing Our Users For Digital Life Beyond the Institution
 
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...
Enhancing Access to Researchers' Papers: How Librarians and Use of Social Med...
 

Similar to HIPAA and E-Mail: Protecting PHI

Issues in Mobile Health (Barbara Mittleman)
Issues in Mobile Health (Barbara Mittleman)Issues in Mobile Health (Barbara Mittleman)
Issues in Mobile Health (Barbara Mittleman)yan_stanford
 
Anatomy of an EMR System
Anatomy of an EMR SystemAnatomy of an EMR System
Anatomy of an EMR SystemHal Amens
 
Priv&security&profin electrcommunicationsrev9 23
Priv&security&profin electrcommunicationsrev9 23Priv&security&profin electrcommunicationsrev9 23
Priv&security&profin electrcommunicationsrev9 23Deven McGraw
 
Introduction to EMR
Introduction to EMRIntroduction to EMR
Introduction to EMRHal Amens
 
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...M2SYS Technology
 
Health Informatics- Module 4-Chapter 2.pptx
Health Informatics- Module 4-Chapter 2.pptxHealth Informatics- Module 4-Chapter 2.pptx
Health Informatics- Module 4-Chapter 2.pptxArti Parab Academics
 
Texting and E-mail with Patients: Patient Requests and Complying with HIPAA
Texting and E-mail with Patients: Patient Requests and Complying with HIPAATexting and E-mail with Patients: Patient Requests and Complying with HIPAA
Texting and E-mail with Patients: Patient Requests and Complying with HIPAAGlobalCompliancePanel
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHNovell
 
Modernizing Patient Records
Modernizing Patient RecordsModernizing Patient Records
Modernizing Patient RecordsBob Larrivee
 
Patient relationship management on the cloud
Patient relationship management on the cloudPatient relationship management on the cloud
Patient relationship management on the cloudComidor
 
Health Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient CareHealth Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient CareHealth Informatics New Zealand
 
1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment Description1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment DescriptionBenitoSumpter862
 
1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment Description1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment DescriptionSantosConleyha
 
1042 pm (cst)assignment details assignment description
1042 pm (cst)assignment details assignment description1042 pm (cst)assignment details assignment description
1042 pm (cst)assignment details assignment descriptionSUKHI5
 
Tips for transitioning to electronic health records
Tips for transitioning to electronic health recordsTips for transitioning to electronic health records
Tips for transitioning to electronic health recordsACROSEAS Global Solutions
 
Babithas Notes on unit-2 Health/Nursing Informatics Technology
Babithas Notes on unit-2 Health/Nursing Informatics TechnologyBabithas Notes on unit-2 Health/Nursing Informatics Technology
Babithas Notes on unit-2 Health/Nursing Informatics TechnologyBabitha Devu
 
Health Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient CareHealth Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient CareHealth Informatics New Zealand
 
A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )Tasha Holloway
 

Similar to HIPAA and E-Mail: Protecting PHI (20)

Issues in Mobile Health (Barbara Mittleman)
Issues in Mobile Health (Barbara Mittleman)Issues in Mobile Health (Barbara Mittleman)
Issues in Mobile Health (Barbara Mittleman)
 
Anatomy of an EMR System
Anatomy of an EMR SystemAnatomy of an EMR System
Anatomy of an EMR System
 
Priv&security&profin electrcommunicationsrev9 23
Priv&security&profin electrcommunicationsrev9 23Priv&security&profin electrcommunicationsrev9 23
Priv&security&profin electrcommunicationsrev9 23
 
Healthcare and Cyber security
Healthcare and Cyber securityHealthcare and Cyber security
Healthcare and Cyber security
 
Introduction to EMR
Introduction to EMRIntroduction to EMR
Introduction to EMR
 
EMR Intro
EMR IntroEMR Intro
EMR Intro
 
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
Health IT Data Security – An Overview of Privacy, Compliance, and Technology ...
 
Health Informatics- Module 4-Chapter 2.pptx
Health Informatics- Module 4-Chapter 2.pptxHealth Informatics- Module 4-Chapter 2.pptx
Health Informatics- Module 4-Chapter 2.pptx
 
Texting and E-mail with Patients: Patient Requests and Complying with HIPAA
Texting and E-mail with Patients: Patient Requests and Complying with HIPAATexting and E-mail with Patients: Patient Requests and Complying with HIPAA
Texting and E-mail with Patients: Patient Requests and Complying with HIPAA
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
 
Modernizing Patient Records
Modernizing Patient RecordsModernizing Patient Records
Modernizing Patient Records
 
Patient relationship management on the cloud
Patient relationship management on the cloudPatient relationship management on the cloud
Patient relationship management on the cloud
 
Health Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient CareHealth Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient Care
 
1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment Description1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment Description
 
1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment Description1042 PM (CST)Assignment DetailsAssignment Description
1042 PM (CST)Assignment DetailsAssignment Description
 
1042 pm (cst)assignment details assignment description
1042 pm (cst)assignment details assignment description1042 pm (cst)assignment details assignment description
1042 pm (cst)assignment details assignment description
 
Tips for transitioning to electronic health records
Tips for transitioning to electronic health recordsTips for transitioning to electronic health records
Tips for transitioning to electronic health records
 
Babithas Notes on unit-2 Health/Nursing Informatics Technology
Babithas Notes on unit-2 Health/Nursing Informatics TechnologyBabithas Notes on unit-2 Health/Nursing Informatics Technology
Babithas Notes on unit-2 Health/Nursing Informatics Technology
 
Health Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient CareHealth Informatics Professionalism and Improving Patient Care
Health Informatics Professionalism and Improving Patient Care
 
A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )A Personal Health Record ( Ehr )
A Personal Health Record ( Ehr )
 

More from Maurene Caplan Grey

Leveraging linked in for the job search passive vs active techniques
Leveraging linked in for the job search passive vs active techniquesLeveraging linked in for the job search passive vs active techniques
Leveraging linked in for the job search passive vs active techniquesMaurene Caplan Grey
 
Social Media: An Avenue In Your Job Search
Social Media: An Avenue In Your Job SearchSocial Media: An Avenue In Your Job Search
Social Media: An Avenue In Your Job SearchMaurene Caplan Grey
 
Collaboration & Social Media New Challenges For Records Management
Collaboration & Social Media New Challenges For Records ManagementCollaboration & Social Media New Challenges For Records Management
Collaboration & Social Media New Challenges For Records ManagementMaurene Caplan Grey
 
E Mail Management At A Crossroad
E Mail Management At A CrossroadE Mail Management At A Crossroad
E Mail Management At A CrossroadMaurene Caplan Grey
 
New Media: Transforming Organizational Communications
New Media: Transforming Organizational CommunicationsNew Media: Transforming Organizational Communications
New Media: Transforming Organizational CommunicationsMaurene Caplan Grey
 
Collaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementCollaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementMaurene Caplan Grey
 

More from Maurene Caplan Grey (7)

Communication: Chaos to Clarity
Communication: Chaos to ClarityCommunication: Chaos to Clarity
Communication: Chaos to Clarity
 
Leveraging linked in for the job search passive vs active techniques
Leveraging linked in for the job search passive vs active techniquesLeveraging linked in for the job search passive vs active techniques
Leveraging linked in for the job search passive vs active techniques
 
Social Media: An Avenue In Your Job Search
Social Media: An Avenue In Your Job SearchSocial Media: An Avenue In Your Job Search
Social Media: An Avenue In Your Job Search
 
Collaboration & Social Media New Challenges For Records Management
Collaboration & Social Media New Challenges For Records ManagementCollaboration & Social Media New Challenges For Records Management
Collaboration & Social Media New Challenges For Records Management
 
E Mail Management At A Crossroad
E Mail Management At A CrossroadE Mail Management At A Crossroad
E Mail Management At A Crossroad
 
New Media: Transforming Organizational Communications
New Media: Transforming Organizational CommunicationsNew Media: Transforming Organizational Communications
New Media: Transforming Organizational Communications
 
Collaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementCollaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records Management
 

Recently uploaded

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 

Recently uploaded (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 

HIPAA and E-Mail: Protecting PHI

  • 1. HIPAA and E-Mail: Protecting PHI Maurene Caplan Grey Founder, Principal Analyst
  • 2.
  • 3.
  • 4. Healthcare Industry Evolution Targeted treatments Focus on wellness Customer is the consumer Mass market treatment Focus on illness Customer is the doctor
  • 5. Increasing Self-Management via E-Mail Physicians, Pharmacists, Peers… Source: Health Data Management Magazine, “Quick Poll,” 9 Sept 2005 Physician resistance to communicating with patients via e-mail is decreasing. I wonder if I have diabetes? What more can I find out? What are other people doing to control it? Patient = Consumer Is this serious? Do I need a checkup? 32.43 24 Disagree 67.7 50 Agree Percentage Respondents
  • 6. Using an Online Consultation System for Self-Management
  • 7. PHI within the Healthcare Community Patient’s PHI stored as record by the hospital. PHI sent to lab Insurance company stores patient record Lab report sent to doctor Hospital MD gathers PHI from patient Invoice sent to patient’s healthcare insurance
  • 8. The New Healthcare Community Suppliers Providers Payers Employers Government Consumers Physicians Life Sciences
  • 9.
  • 10. Why Security and Privacy Policies Fail Rulings are ambiguous and untested Poor or no business processes Social engineering Wrong technology Right technology, poorly implemented No auditing Lack of user training Poor or no governance Rulings change Fraud “ Lost” PHI Local hard drives, cache, memory sticks, PDAs, smart phones, server storage, application data stores…
  • 11. Approach 1: Gateway 1) File uploads to gateway 2) E-mail sent to recipient with URL that points to file 3) Recipient clicks on URL, authenticates to the gateway and downloads file Often used for ad hoc relationships
  • 12. Approach 2: End-to-End, Gateway 1) File sent to gateway 2) E-mail sent to recipient with URL that points to file 3) Recipient clicks on URL, authenticates to gateway and downloads file Often used for ad hoc relationships, where extra security is required Commercial PGP, OpenPGP, S/MIME … Commercial PGP, OpenPGP, S/MIME …
  • 13. Approach 3: Gateway-to-Gateway Sender Recipient Sender’s gateway to recipient’s gateway Recipient Sender Often used for trusted relationships
  • 14. Approach 4: End-to-End, Gateway-to-Gateway Sender’s gateway to recipient’s gateway Often used for trusted relationships, where extra security is required Commercial PGP, OpenPGP, S/MIME … Commercial PGP, OpenPGP, S/MIME … Sender Recipient Recipient Sender
  • 15.
  • 16.
  • 17.
  • 18. For further information on this topic, contact Grey Consulting [email_address] 845.531.5050 www.grey-consulting.com making messaging and collaboration work