Confidentiality & Privacy. HIPAA. The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. From this legislation a set of security standards was developed to keep electronic protected health information (ePHI) safe.
HIPAA
• The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996
• From this legislation a set of security standards was developed to keep electronic protected health information (ePHI) safe
• These standards were outlined and described in the HIPAA Security Final Rule published on February 20, 2003

Recommended Security Strategies for Video-Enabled Telemedicine
• Administrative Recommendations
• Physical Recommendations
• Technical Recommendations

Administrative Recommendations
• Perform a risk assessment
• Consider purchasing and distributing asset management software to keep track of equipment licenses
• Register for security release notices from the hardware and software manufacturers used for televideo
• Disable unnecessary ports on televideo hardware and follow any device “hardening” procedures recommended by the hardware and software manufacturers to prevent hacking

Administrative Recommendations cont.
• Ensure unique user identification by enacting a strong password policy for televideo devices, including PC-based video systems
• Assign a security person and train remote site IT staff to take on security responsibilities
• Establish a schedule for re-evaluations: elapsed time and changes to the televideo environment will dictate this schedule
• Create a televideo acceptable use policy (AUP) and make it available to remote sites for use

Physical Recommendations
• Place televideo equipment in a private location that can be secured for a clinical visit. Doors to the room should be closed during a consultation.
• Video monitors should not be visible through any windows. Audio should be set so that it is not heard outside of the exam room.
• Telemedicine providers should use the camera functions to scan the patient room prior to a consultation to ensure that only authorized persons are present during the visit.

Technical Recommendations
• Video equipment used for telemedicine should be networked behind the data firewall when placed on a facility network
• An H.323-protocol firewall can be used as a “video” firewall for televideo that manages and protects the consultation separate from the organization’s data firewall
• The IP connection between facilities in a televideo network should ideally be a dedicated local area network (LAN) connection, wide area network (WAN) connection, or a virtual private network (VPN) connection

Technical Recommendations cont.
• When available, utilize private, statewide networks that have been developed for health care purposes and that offer robust, secure network connections
• Video equipment should offer encryption capability and the encryption should be turned to the “on” position. Encryption should always be used, but especially in the absence of a LAN, WAN, VPN or state networks
• The auto answer function of the televideo equipment should be set at the “off” position so that video calls cannot unintentionally be received during a telemedicine consultation