0 evaluări0% au considerat acest document util (0 voturi)
40 vizualizări21 pagini
The Health IT Workforce Curriculum was developed for U.S. community colleges to enhance workforce training programmes in health information technology. The curriculum consist of 20 courses of 3 credits each. Each course includes instructor manuals, learning objectives, syllabi, video lectures with accompanying transcripts and slides, exercises, and assessments. The materials were authored by Columbia University, Duke University, Johns Hopkins University, Oregon Health & Science University, and University of Alabama at Birmingham. The project was funded by the U.S. Office of the National Coordinator for Health Information Technology. All of the course materials are available under a Creative Commons Attribution Noncommercial ShareAlike (CC BY NC SA) License (http://creativecommons.org/licenses/by-nc-sa/3.0/). The course description, learning objectives, author information, and other details may be found athttp://www.merlot.org/merlot/viewPortfolio.htm?id=842513. The full collection may also be accessed at http://knowledge.amia.org/onc-ntdc.
Titlu original
09- Networking and Health Information Exchange- Unit 9- Privacy, Confidentiality, and Security Issues and Standards- Lecture A
The Health IT Workforce Curriculum was developed for U.S. community colleges to enhance workforce training programmes in health information technology. The curriculum consist of 20 courses of 3 credits each. Each course includes instructor manuals, learning objectives, syllabi, video lectures with accompanying transcripts and slides, exercises, and assessments. The materials were authored by Columbia University, Duke University, Johns Hopkins University, Oregon Health & Science University, and University of Alabama at Birmingham. The project was funded by the U.S. Office of the National Coordinator for Health Information Technology. All of the course materials are available under a Creative Commons Attribution Noncommercial ShareAlike (CC BY NC SA) License (http://creativecommons.org/licenses/by-nc-sa/3.0/). The course description, learning objectives, author information, and other details may be found athttp://www.merlot.org/merlot/viewPortfolio.htm?id=842513. The full collection may also be accessed at http://knowledge.amia.org/onc-ntdc.
Drepturi de autor:
Attribution Non-Commercial ShareAlike (BY-NC-SA)
Formate disponibile
Descărcați ca PPT, PDF, TXT sau citiți online pe Scribd
The Health IT Workforce Curriculum was developed for U.S. community colleges to enhance workforce training programmes in health information technology. The curriculum consist of 20 courses of 3 credits each. Each course includes instructor manuals, learning objectives, syllabi, video lectures with accompanying transcripts and slides, exercises, and assessments. The materials were authored by Columbia University, Duke University, Johns Hopkins University, Oregon Health & Science University, and University of Alabama at Birmingham. The project was funded by the U.S. Office of the National Coordinator for Health Information Technology. All of the course materials are available under a Creative Commons Attribution Noncommercial ShareAlike (CC BY NC SA) License (http://creativecommons.org/licenses/by-nc-sa/3.0/). The course description, learning objectives, author information, and other details may be found athttp://www.merlot.org/merlot/viewPortfolio.htm?id=842513. The full collection may also be accessed at http://knowledge.amia.org/onc-ntdc.
Drepturi de autor:
Attribution Non-Commercial ShareAlike (BY-NC-SA)
Formate disponibile
Descărcați ca PPT, PDF, TXT sau citiți online pe Scribd
Exchange Privacy, Confidentiality, and Security Issues and Standards This material Comp9_Unit 9a was developed by Duke University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC000024. Privacy, Confidentiality, and Security Issues and Standards Learning Objectives 2 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a 1. Explain the concepts of privacy and confidentiality requirements and policies and learn how to implement the requirements. (Lecture a ) 2. Describe how to secure data storage and transmission using data encryption, signatures, validation, non- repudiation, and integrity. (PKI, certificates, and security protocols). (Lecture a) 3. Define access control methods. (Lecture b) 4. Analyze access restrictions to data storage and retrieval (physical and software). (Lecture b) 3 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Security Defined The quality or state of being secure Freedom from danger Freedom from fear or anxiety Measures taken to guard against espionage or sabotage, crime, attack, or escape 4 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Information Security Protecting information and information systems (including computers, computing devices and networks) from: Unauthorized access Unauthorized use Unauthorized alterations Unauthorized interruptions Devastation 5 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Key Security Concepts Confidentiality Integrity Availability Accountability Nonrepudiation 6 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Confidentiality Confidentiality is making sure that only authorized individuals have access to information. It is also making sure that individuals with access keep the information private and do not share with others. There are Federal and State laws in place to protect patient confidentiality, and punish those who abuse confidentiality. 7 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a The Health Insurance Portability and Accountability Act (HIPAA) Protects health insurance coverage for workers and their families when they change or lose their jobs. Requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. 8 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a HIPAA Continued Addresses the security and privacy of health data. Encourages the widespread use of electronic data interchange (EDI) in the U.S. health care system. 9 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Integrity Integrity means that the data in a system is the same as the data from the original source.
The data has not been altered or destroyed, intentionally or unintentionally. 10 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Encryption Plaintext + Cipher = Ciphertext
11 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Example Cipher = Shift characters x amount to the y Plaintext = Hospital
X= 3, y = right Ciphertext = KRVSLWDO
X=4, y=left Ciphertext = DKOLEPWH 12 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Types of Encryption Symmetric Same key used to encrypt and decrypt Shared key Asymmetric One key used to encrypt and another key used to decrypt Public key encryption 13 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Hashes A number that is generated based on the data. If the data has been altered in any way then the hash will be different. Also called a message digest or simply a digest. 14 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Means that the system/data is available when needed Fault-tolerance Denial of service (DoS) Availability 15 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Accountability is the process of holding a person/entity responsible for his actions.
System must Identify users Maintain audit trail of actions Accountability 16 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Nonrepudiation Provides Proof Origin Digital signatures Private keys (asymmetric encryption) Delivery Return receipts 17 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Public Key Infrastructure (PKI) Certificates Also called digital or identity certificates Public keys Certificate Authority (CA) Registration Authority (RA) Revocation Certificate Revocation List (CRL) Certificates 18 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Image courtesy of Michele Parrish Certificates Continued 19 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Image courtesy of Michele Parrish Privacy, Confidentiality, and Security Issues and Standards Lecture Summary Concepts of privacy and confidentiality and How to secure data 20 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a Privacy, Confidentiality, and Security Issues and Standards References Lecture a References References were not used for this lecture.
Images Slide 10: Encryption. Courtesy Michele Parrish. Used with permission. Slide 18: Certificate. Courtesy Michele Parrish. Used with permission. Slide 19: Certificate Info. Courtesy Michele Parrish. Used with permission.
21 Health IT Workforce Curriculum Version 3.0/Spring 2012 Networking and Health Information Exchange Privacy, Confidentiality, and Security Issues and Standards Lecture a