SlideShare ist ein Scribd-Unternehmen logo

HxRefactored - TrueVault - Jason Wang - API Pitch

•
•
HxRefactored
HxRefactored
Gesundheit & MedizinTechnologie
1 von 17
Downloaden Sie, um offline zu lesen
How to Build a HIPAA! Compliant Infrastructure! Jason Wang! Founder & CEO, TrueVault!
Step 1: Physical Safeguards! •  Physical security of ePHI! •  “HIPAA Compliance Ready” ! •  Business Associate Agreement! •  Choices of HIPAA Compliant Hosting Providers! •  Initial Costs/Incremental Costs! !
Step 2: Technical Safeguards! •  Digital Security of ePHI! •  Required vs Addressable! •  Am I HIPAA compliant if I just deploy my code to a HIPAA compliant hosting environment?! !
Technical Safeguards! 1.  Access Control - Unique User Identification (required): Assign a unique name and/or number for identifying and tracking user identity.! ! 2.  Access Control - Emergency Access Procedure (required): Establish (and implement as needed) procedures for obtaining necessary ePHI during an emergency.! 3.  Access Control - Automatic Logoff (addressable): Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.! ! 4.  Access Control - Encryption and Decryption (addressable): Implement a mechanism to encrypt and decrypt ePHI.!
Technical Safeguards 5.  Audit Controls (required): Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.! 6.  Integrity - Mechanism to Authenticate ePHI (addressable): Implement electronic mechanisms to corroborate that ePHI has not been altered or destroyed in an unauthorized manner.! 7.  Authentication (required): Implement procedures to verify that a person or entity seeking access to ePHI is the one claimed.! ! 8.  Transmission Security - Integrity Controls (addressable): Implement security measures to ensure that electronically transmitted ePHI is not improperly modified without detection until disposed of.! ! 9.  Transmission Security - Encryption (addressable): Implement a mechanism to encrypt ePHI whenever deemed appropriate.!
Am I Done?!
Am I Done?! Not Quite … J!
Step 3: Security! •  Target Rich Environment! •  Application Security! •  Network Security/Intrusion Detection! •  Software/OS Security! •  Security Audit! •  Time/Cost!
Step 4: HIPAA Audit! •  Who Certifies HIPAA Compliance?! •  3rd party Audits! •  What is the process like?! •  Cost! •  Time! •  Any other audits?!
Step 5: Insurance! •  Cyber Liability and Data Breach Insurance! •  Policy Issuers! •  Indemnification! •  Costs/Coverage!
What Else Do I Need to Know?! •  Typical implementation frame! •  HIPAA will change! •  On-going maintenance! •  Staffing! •  There must be an easier way ;-)!
What Else Do I Need to Know?! •  Typical implementation frame! •  HIPAA will change! •  On-going maintenance! •  Staffing! •  There must be an easier way ;-)!
•  HIPAA Compliant Data Store! Standard  Database   TrueVault   (HIPAA  Compliant)   non-­‐PHI  Data   PHI  Data   (REST  API)  
Physical  Safeguards   Facility  Access  Ctrl,  WorkstaGon  Use  and   Security,  Devices  and  Media  Controls   Technical  Safeguards   EncrypGon  and  DecrypGon,  Key   Management,  Key  RotaGon,  Access   Control,  Unique  User  IdenGficaGon,   Emergency  Access,  AutomaGc  Logoff,   Audit  Controls,  Mechanism  to   AuthenGcate  Electronic  PHI,  Person  or   EnGty  AuthenGcaGon,  Transmission   Security,  Integrity  Controls   AdministraGve  Safeguards   HIPAA  Compliant   HosGng   TrueVault   •  TrueVault  handles  both  Technical   and  Physical  Safeguards.   •  Developers  can  quickly  start   development  on  healthcare   applicaGons  without  building  a   HIPAA  compliant  infrastructure.   •  FireHost  and  AWS  have  high   minimum  charges  ($1,115  and   $1,500)  and  offer  no  help  with   the  Technical  Safeguards.  
•  RESTful API - No Steps 1 through 5 to worry about ! •  BAA + Insurance! •  Works well with existing infrastructure! •  400+ Customers! •  Usage based pricing, no contracts!
Q&A Time! Shameless Promotions:! ! •  TrueVault is hiring Developers, DevOps Engineers in San Francisco ! •  Join our iOS SDK beta list – Be the first to release an iOS app leveraging Health Book! http://go.truevault.com/ios8! !
Thank  you!   Jason  Wang   Founder  &  CEO,  TrueVault  

Empfohlen

HxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason WangHxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason Wang
HxRefactored
 
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe HarborUnsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Ray Potter
 
HIPAA Compliant IAM using Active Directory
HIPAA Compliant IAM using Active DirectoryHIPAA Compliant IAM using Active Directory
HIPAA Compliant IAM using Active Directory
William Gregorian
 
SharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and ComplianceSharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and Compliance
Matthew R. Barrett
 
CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...
CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...
CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...
CloudCamp Chicago
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
Ben Quirk
 
LSI HIPAA standards
LSI HIPAA standardsLSI HIPAA standards
LSI HIPAA standards
Language Solutions Inc.
 
Aduana12
Aduana12Aduana12
Aduana12
Fernando Montero
 

Empfohlen

HxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason WangHxRefactored - TrueVault - Jason Wang
HxRefactored - TrueVault - Jason Wang
HxRefactored
 
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe HarborUnsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Ray Potter
 
HIPAA Compliant IAM using Active Directory
HIPAA Compliant IAM using Active DirectoryHIPAA Compliant IAM using Active Directory
HIPAA Compliant IAM using Active Directory
William Gregorian
 
SharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and ComplianceSharePointlandia 2013: SharePoint and Compliance
SharePointlandia 2013: SharePoint and Compliance
Matthew R. Barrett
 
CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...
CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...
CloudCamp Chicago lightning talk: "Security and Sanity in the HIPAA-Compliant...
CloudCamp Chicago
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
Ben Quirk
 
LSI HIPAA standards
LSI HIPAA standardsLSI HIPAA standards
LSI HIPAA standards
Language Solutions Inc.
 
Aduana12
Aduana12Aduana12
Aduana12
Fernando Montero
 
HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...
HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...
HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...
HxRefactored
 
HXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora Health
HXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora HealthHXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora Health
HXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora Health
HxRefactored
 
MBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk Analysis
MBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk AnalysisMBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk Analysis
MBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk Analysis
Charles McNeil
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
TrueVault
 
HXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*Pow
HXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*PowHXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*Pow
HXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*Pow
HxRefactored
 
HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessment
data brackets
 
Application Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceApplication Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA Compliance
TrueVault
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challenge
Compliancy Group
 
HIPAA Solutions on Cloud Foundry
HIPAA Solutions on Cloud FoundryHIPAA Solutions on Cloud Foundry
HIPAA Solutions on Cloud Foundry
Jim Shingler
 
API World 2019 Presentation on Securing sensitive data through APIs and AI pa...
API World 2019 Presentation on Securing sensitive data through APIs and AI pa...API World 2019 Presentation on Securing sensitive data through APIs and AI pa...
API World 2019 Presentation on Securing sensitive data through APIs and AI pa...
dsapps
 
Hipaa security compliance checklist for developers & business associates
Hipaa security compliance checklist for developers & business associatesHipaa security compliance checklist for developers & business associates
Hipaa security compliance checklist for developers & business associates
Shoba Krishnamurthy
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
Precisely
 
HIPAA security risk assessments
HIPAA security risk assessmentsHIPAA security risk assessments
HIPAA security risk assessments
Jose Ivan Delgado, Ph.D.
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif Ghauri
Atif Ghauri
 
Securing Healthcare Data on AWS for HIPAA
Securing Healthcare Data on AWS for HIPAASecuring Healthcare Data on AWS for HIPAA
Securing Healthcare Data on AWS for HIPAA
Alert Logic
 
MacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk FundamentalsMacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk Fundamentals
Alison Gianotto
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
TechSoup
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH Compliance
Marie-Michelle Strah, PhD
 
Something Fun About Using SIEM by Dr. Anton Chuvakin
Something Fun About Using SIEM by Dr. Anton ChuvakinSomething Fun About Using SIEM by Dr. Anton Chuvakin
Something Fun About Using SIEM by Dr. Anton Chuvakin
Anton Chuvakin
 
Windows Incident Response is hard, but doesn't have to be
Windows Incident Response is hard, but doesn't have to beWindows Incident Response is hard, but doesn't have to be
Windows Incident Response is hard, but doesn't have to be
Michael Gough
 
What’s in Your Workflow?
What’s in Your Workflow?What’s in Your Workflow?
What’s in Your Workflow?
Ipro Tech
 
APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)
APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)
APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)
apidays
 

Weitere ähnliche Inhalte

Andere mochten auch

HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessment
data brackets
 

Andere mochten auch (7)

HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...
HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...
HXR 2016: Designing for Addiction and Recovery -Mary Beth Schoening, Behavior...
 
HXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora Health
HXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora HealthHXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora Health
HXR 2016: New Models for Care Delivery -Andrew Schutzbank, Iora Health
 
MBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk Analysis
MBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk AnalysisMBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk Analysis
MBM eHealthCare Solutions HIPAA-HITECH & Meaningful Use Risk Analysis
 
HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
 
HXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*Pow
HXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*PowHXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*Pow
HXR 2016: Sustainable Design -Jen Briselli, James Christie, Mad*Pow
 
HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessment
 
Application Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA ComplianceApplication Developers Guide to HIPAA Compliance
Application Developers Guide to HIPAA Compliance
 

Ähnlich wie HxRefactored - TrueVault - Jason Wang - API Pitch

Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
Precisely
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif Ghauri
Atif Ghauri
 
Something Fun About Using SIEM by Dr. Anton Chuvakin
Something Fun About Using SIEM by Dr. Anton ChuvakinSomething Fun About Using SIEM by Dr. Anton Chuvakin
Something Fun About Using SIEM by Dr. Anton Chuvakin
Anton Chuvakin
 
Dealing with Web Application Security, Regulation Style
Dealing with Web Application Security, Regulation StyleDealing with Web Application Security, Regulation Style
Dealing with Web Application Security, Regulation Style
Rochester Security Summit
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Precisely
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?
Precisely
 

Ähnlich wie HxRefactored - TrueVault - Jason Wang - API Pitch (20)

The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challenge
 
HIPAA Solutions on Cloud Foundry
HIPAA Solutions on Cloud FoundryHIPAA Solutions on Cloud Foundry
HIPAA Solutions on Cloud Foundry
 
API World 2019 Presentation on Securing sensitive data through APIs and AI pa...
API World 2019 Presentation on Securing sensitive data through APIs and AI pa...API World 2019 Presentation on Securing sensitive data through APIs and AI pa...
API World 2019 Presentation on Securing sensitive data through APIs and AI pa...
 
Hipaa security compliance checklist for developers & business associates
Hipaa security compliance checklist for developers & business associatesHipaa security compliance checklist for developers & business associates
Hipaa security compliance checklist for developers & business associates
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
 
HIPAA security risk assessments
HIPAA security risk assessmentsHIPAA security risk assessments
HIPAA security risk assessments
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif GhauriSecurity Outsourcing - Couples Counseling - Atif Ghauri
Security Outsourcing - Couples Counseling - Atif Ghauri
 
Securing Healthcare Data on AWS for HIPAA
Securing Healthcare Data on AWS for HIPAASecuring Healthcare Data on AWS for HIPAA
Securing Healthcare Data on AWS for HIPAA
 
MacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk FundamentalsMacIT 2014 - Essential Security & Risk Fundamentals
MacIT 2014 - Essential Security & Risk Fundamentals
 
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19Webinar - Compliance with the Microsoft Cloud- 2017-04-19
Webinar - Compliance with the Microsoft Cloud- 2017-04-19
 
Securing Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH ComplianceSecuring Microsoft Technologies for HITECH Compliance
Securing Microsoft Technologies for HITECH Compliance
 
Something Fun About Using SIEM by Dr. Anton Chuvakin
Something Fun About Using SIEM by Dr. Anton ChuvakinSomething Fun About Using SIEM by Dr. Anton Chuvakin
Something Fun About Using SIEM by Dr. Anton Chuvakin
 
Windows Incident Response is hard, but doesn't have to be
Windows Incident Response is hard, but doesn't have to beWindows Incident Response is hard, but doesn't have to be
Windows Incident Response is hard, but doesn't have to be
 
What’s in Your Workflow?
What’s in Your Workflow?What’s in Your Workflow?
What’s in Your Workflow?
 
APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)
APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)
APIsecure 2023 - FHIR API Security, Grahame Grieve (Health Intersections)
 
Dealing with Web Application Security, Regulation Style
Dealing with Web Application Security, Regulation StyleDealing with Web Application Security, Regulation Style
Dealing with Web Application Security, Regulation Style
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
 
Passwords are passĂŠ. WebAuthn is simpler, stronger and ready to go
Passwords are passĂŠ. WebAuthn is simpler, stronger and ready to goPasswords are passĂŠ. WebAuthn is simpler, stronger and ready to go
Passwords are passĂŠ. WebAuthn is simpler, stronger and ready to go
 
What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?What Does a Full Featured Security Strategy Look Like?
What Does a Full Featured Security Strategy Look Like?
 
Its Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples CounselingIts Not You Its Me MSSP Couples Counseling
Its Not You Its Me MSSP Couples Counseling
 

Mehr von HxRefactored

HXR 2017: Susan Hunt Stevens, WeSpire: Holistic Wellbeing
HXR 2017: Susan Hunt Stevens, WeSpire: Holistic WellbeingHXR 2017: Susan Hunt Stevens, WeSpire: Holistic Wellbeing
HXR 2017: Susan Hunt Stevens, WeSpire: Holistic Wellbeing
HxRefactored
 
HXR 2017: Juhan Sonin, GoInvo
HXR 2017: Juhan Sonin, GoInvoHXR 2017: Juhan Sonin, GoInvo
HXR 2017: Juhan Sonin, GoInvo
HxRefactored
 
HXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior Change
HXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior ChangeHXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior Change
HXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior Change
HxRefactored
 
HXR 2017: Casey Quinlan: the Price is Right
HXR 2017: Casey Quinlan: the Price is RightHXR 2017: Casey Quinlan: the Price is Right
HXR 2017: Casey Quinlan: the Price is Right
HxRefactored
 
HXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy Trends
HXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy TrendsHXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy Trends
HXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy Trends
HxRefactored
 
HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...
HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...
HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...
HxRefactored
 
HXR 2016: Addressing the Opioid Crisis
HXR 2016: Addressing the Opioid CrisisHXR 2016: Addressing the Opioid Crisis
HXR 2016: Addressing the Opioid Crisis
HxRefactored
 
HXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-Hitchcock
HXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-HitchcockHXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-Hitchcock
HXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-Hitchcock
HxRefactored
 

Mehr von HxRefactored (20)

HXR 2017: Denise Gosnell, Pokitdok: Blockchain: The Now and The Future:
HXR 2017: Denise Gosnell, Pokitdok: Blockchain: The Now and The Future: HXR 2017: Denise Gosnell, Pokitdok: Blockchain: The Now and The Future:
HXR 2017: Denise Gosnell, Pokitdok: Blockchain: The Now and The Future:
 
HXR 2017: Susan Hunt Stevens, WeSpire: Holistic Wellbeing
HXR 2017: Susan Hunt Stevens, WeSpire: Holistic WellbeingHXR 2017: Susan Hunt Stevens, WeSpire: Holistic Wellbeing
HXR 2017: Susan Hunt Stevens, WeSpire: Holistic Wellbeing
 
HXR 2017: John Weiss, Human Design: Building a Culture of Health
HXR 2017: John Weiss, Human Design: Building a Culture of HealthHXR 2017: John Weiss, Human Design: Building a Culture of Health
HXR 2017: John Weiss, Human Design: Building a Culture of Health
 
HXR 2017: Juhan Sonin, GoInvo
HXR 2017: Juhan Sonin, GoInvoHXR 2017: Juhan Sonin, GoInvo
HXR 2017: Juhan Sonin, GoInvo
 
HXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior Change
HXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior ChangeHXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior Change
HXR 2017: Heather Patrick, Carrot Sense: Motivation and Health Behavior Change
 
HXR 2017: Casey Quinlan: the Price is Right
HXR 2017: Casey Quinlan: the Price is RightHXR 2017: Casey Quinlan: the Price is Right
HXR 2017: Casey Quinlan: the Price is Right
 
HXR 2017: Bakul Patel: How the FDA Is Promoting Innovation and Protecting the...
HXR 2017: Bakul Patel: How the FDA Is Promoting Innovation and Protecting the...HXR 2017: Bakul Patel: How the FDA Is Promoting Innovation and Protecting the...
HXR 2017: Bakul Patel: How the FDA Is Promoting Innovation and Protecting the...
 
HXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy Trends
HXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy TrendsHXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy Trends
HXR 2017: Jay Gupta, RxRelax: RxRelax to Reverse Polypharmacy Trends
 
HXR 2017: Kathleen Howland, Berklee College of Music: Music Therapy in Health...
HXR 2017: Kathleen Howland, Berklee College of Music: Music Therapy in Health...HXR 2017: Kathleen Howland, Berklee College of Music: Music Therapy in Health...
HXR 2017: Kathleen Howland, Berklee College of Music: Music Therapy in Health...
 
HXR 2017: Center for Health Experience Design Announcement
HXR 2017: Center for Health Experience Design Announcement HXR 2017: Center for Health Experience Design Announcement
HXR 2017: Center for Health Experience Design Announcement
 
HXR 2017: Paul Kahn, Mad*Pow: Lessons Learned from a Bill you can understand
HXR 2017: Paul Kahn, Mad*Pow: Lessons Learned from a Bill you can understandHXR 2017: Paul Kahn, Mad*Pow: Lessons Learned from a Bill you can understand
HXR 2017: Paul Kahn, Mad*Pow: Lessons Learned from a Bill you can understand
 
HXR 2017: Design Challenge Announcement!
HXR 2017: Design Challenge Announcement!HXR 2017: Design Challenge Announcement!
HXR 2017: Design Challenge Announcement!
 
HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...
HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...
HXR 2017: Aneesh Chopra, NavHealth: Call to Action: All Hands on Deck to Brin...
 
HXR 2017: Amy Cueva, Mad*Pow: Purpose Driven Design
HXR 2017: Amy Cueva, Mad*Pow: Purpose Driven DesignHXR 2017: Amy Cueva, Mad*Pow: Purpose Driven Design
HXR 2017: Amy Cueva, Mad*Pow: Purpose Driven Design
 
HXR 2016: Addressing the Opioid Crisis
HXR 2016: Addressing the Opioid CrisisHXR 2016: Addressing the Opioid Crisis
HXR 2016: Addressing the Opioid Crisis
 
HXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-Hitchcock
HXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-HitchcockHXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-Hitchcock
HXR 2016: New Models for Care Delivery -Ethan Berke, Dartmouth-Hitchcock
 
HXR 2016: Human Focused Innovation in a Clinical Setting -Lesley Solomon, Bri...
HXR 2016: Human Focused Innovation in a Clinical Setting -Lesley Solomon, Bri...HXR 2016: Human Focused Innovation in a Clinical Setting -Lesley Solomon, Bri...
HXR 2016: Human Focused Innovation in a Clinical Setting -Lesley Solomon, Bri...
 
HXR 2016: Human Focused Innovation in a Clinical Setting -Jennie Kung, UCLA H...
HXR 2016: Human Focused Innovation in a Clinical Setting -Jennie Kung, UCLA H...HXR 2016: Human Focused Innovation in a Clinical Setting -Jennie Kung, UCLA H...
HXR 2016: Human Focused Innovation in a Clinical Setting -Jennie Kung, UCLA H...
 
HXR 2016: Human Focused Innovation in a Clinical Setting -Dr. Nancy Hanrahan,...
HXR 2016: Human Focused Innovation in a Clinical Setting -Dr. Nancy Hanrahan,...HXR 2016: Human Focused Innovation in a Clinical Setting -Dr. Nancy Hanrahan,...
HXR 2016: Human Focused Innovation in a Clinical Setting -Dr. Nancy Hanrahan,...
 
HXR 2016: Human Focused Innovation in a Clinical Setting -Marnie de Mooij, Ma...
HXR 2016: Human Focused Innovation in a Clinical Setting -Marnie de Mooij, Ma...HXR 2016: Human Focused Innovation in a Clinical Setting -Marnie de Mooij, Ma...
HXR 2016: Human Focused Innovation in a Clinical Setting -Marnie de Mooij, Ma...
 

KĂźrzlich hochgeladen

💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...
💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...
💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...
khalifaescort01
 
Call Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service AvailableCall Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service Available
GENUINE ESCORT AGENCY
 
Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...
Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...
Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...
adilkhan87451
 
Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...
Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...
Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...
chetankumar9855
 
(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...
(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...
(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...
parulsinha
 
Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...
Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...
Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...
mahaiklolahd
 
Call Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service Available
Dipal Arora
 
Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...
Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...
Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...
Sheetaleventcompany
 
Call Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service Available
Dipal Arora
 
Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...
Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...
Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...
parulsinha
 
Call Girls Madurai Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Madurai Just Call 9630942363 Top Class Call Girl Service AvailableCall Girls Madurai Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Madurai Just Call 9630942363 Top Class Call Girl Service Available
GENUINE ESCORT AGENCY
 
Call Girls Amritsar Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Amritsar Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Amritsar Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Amritsar Just Call 8250077686 Top Class Call Girl Service Available
Dipal Arora
 
Call Girls Varanasi Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Varanasi Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Varanasi Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Varanasi Just Call 8250077686 Top Class Call Girl Service Available
Dipal Arora
 
Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...
Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...
Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...
Namrata Singh
 
Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...
Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...
Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...
parulsinha
 
Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...
Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...
Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...
parulsinha
 
9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service
9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service
9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service
GENUINE ESCORT AGENCY
 
Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...
Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...
Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...
chandars293
 
Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...
Dipal Arora
 

KĂźrzlich hochgeladen (20)

💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...
💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...
💕SONAM KUMAR💕Premium Call Girls Jaipur ↘️9257276172 ↙️One Night Stand With Lo...
 
Call Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service AvailableCall Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Ahmedabad Just Call 9630942363 Top Class Call Girl Service Available
 
Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...
Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...
Call Girls in Lucknow Just Call 👉👉7877925207 Top Class Call Girl Service Avai...
 
Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...
Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...
Call Girl In Pune 👉 Just CALL ME: 9352988975 💋 Call Out Call Both With High p...
 
(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...
(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...
(Low Rate RASHMI ) Rate Of Call Girls Jaipur ❣ 8445551418 ❣ Elite Models & Ce...
 
8980367676 Call Girls In Ahmedabad Escort Service Available 24×7 In Ahmedabad
8980367676 Call Girls In Ahmedabad Escort Service Available 24×7 In Ahmedabad8980367676 Call Girls In Ahmedabad Escort Service Available 24×7 In Ahmedabad
8980367676 Call Girls In Ahmedabad Escort Service Available 24×7 In Ahmedabad
 
Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...
Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...
Call Girl in Indore 8827247818 {LowPrice} ❤️ (ahana) Indore Call Girls * UPA...
 
Call Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Hyderabad Just Call 8250077686 Top Class Call Girl Service Available
 
Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...
Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...
Low Rate Call Girls Bangalore {7304373326} ❤️VVIP NISHA Call Girls in Bangalo...
 
Call Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Rishikesh Just Call 8250077686 Top Class Call Girl Service Available
 
Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...
Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...
Russian Call Girls Service Jaipur {8445551418} ❤️PALLAVI VIP Jaipur Call Gir...
 
Call Girls Madurai Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Madurai Just Call 9630942363 Top Class Call Girl Service AvailableCall Girls Madurai Just Call 9630942363 Top Class Call Girl Service Available
Call Girls Madurai Just Call 9630942363 Top Class Call Girl Service Available
 
Call Girls Amritsar Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Amritsar Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Amritsar Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Amritsar Just Call 8250077686 Top Class Call Girl Service Available
 
Call Girls Varanasi Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Varanasi Just Call 8250077686 Top Class Call Girl Service AvailableCall Girls Varanasi Just Call 8250077686 Top Class Call Girl Service Available
Call Girls Varanasi Just Call 8250077686 Top Class Call Girl Service Available
 
Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...
Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...
Call Girls Kolkata Kalikapur 💯Call Us 🔝 8005736733 🔝 💃 Top Class Call Girl Se...
 
Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...
Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...
Independent Call Girls In Jaipur { 8445551418 } ✔ ANIKA MEHTA ✔ Get High Prof...
 
Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...
Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...
Call Girls Service Jaipur {8445551418} ❤️VVIP BHAWNA Call Girl in Jaipur Raja...
 
9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service
9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service
9630942363 Genuine Call Girls In Ahmedabad Gujarat Call Girls Service
 
Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...
Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...
Top Rated Hyderabad Call Girls Chintal ⟟ 9332606886 ⟟ Call Me For Genuine Se...
 
Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls (DIPAL) ⟟ 8250077686 ⟟ Call Me For Genuine Sex Serv...
 

HxRefactored - TrueVault - Jason Wang - API Pitch

  • 1. How to Build a HIPAA! Compliant Infrastructure! Jason Wang! Founder & CEO, TrueVault!
  • 2. Step 1: Physical Safeguards! •  Physical security of ePHI! •  “HIPAA Compliance Ready” ! •  Business Associate Agreement! •  Choices of HIPAA Compliant Hosting Providers! •  Initial Costs/Incremental Costs! !
  • 3. Step 2: Technical Safeguards! •  Digital Security of ePHI! •  Required vs Addressable! •  Am I HIPAA compliant if I just deploy my code to a HIPAA compliant hosting environment?! !
  • 4. Technical Safeguards! 1.  Access Control - Unique User Identication (required): Assign a unique name and/or number for identifying and tracking user identity.! ! 2.  Access Control - Emergency Access Procedure (required): Establish (and implement as needed) procedures for obtaining necessary ePHI during an emergency.! 3.  Access Control - Automatic Logoff (addressable): Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.! ! 4.  Access Control - Encryption and Decryption (addressable): Implement a mechanism to encrypt and decrypt ePHI.!
  • 5. Technical Safeguards 5.  Audit Controls (required): Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.! 6.  Integrity - Mechanism to Authenticate ePHI (addressable): Implement electronic mechanisms to corroborate that ePHI has not been altered or destroyed in an unauthorized manner.! 7.  Authentication (required): Implement procedures to verify that a person or entity seeking access to ePHI is the one claimed.! ! 8.  Transmission Security - Integrity Controls (addressable): Implement security measures to ensure that electronically transmitted ePHI is not improperly modied without detection until disposed of.! ! 9.  Transmission Security - Encryption (addressable): Implement a mechanism to encrypt ePHI whenever deemed appropriate.!
  • 7. Am I Done?! Not Quite … J!
  • 8. Step 3: Security! •  Target Rich Environment! •  Application Security! •  Network Security/Intrusion Detection! •  Software/OS Security! •  Security Audit! •  Time/Cost!
  • 9. Step 4: HIPAA Audit! •  Who Certies HIPAA Compliance?! •  3rd party Audits! •  What is the process like?! •  Cost! •  Time! •  Any other audits?!
  • 10. Step 5: Insurance! •  Cyber Liability and Data Breach Insurance! •  Policy Issuers! •  Indemnication! •  Costs/Coverage!
  • 11. What Else Do I Need to Know?! •  Typical implementation frame! •  HIPAA will change! •  On-going maintenance! •  Stafng! •  There must be an easier way ;-)!
  • 12. What Else Do I Need to Know?! •  Typical implementation frame! •  HIPAA will change! •  On-going maintenance! •  Stafng! •  There must be an easier way ;-)!
  • 13. •  HIPAA Compliant Data Store! Standard  Database   TrueVault   (HIPAA  Compliant)   non-­‐PHI  Data   PHI  Data   (REST  API)  
  • 14. Physical  Safeguards   Facility  Access  Ctrl,  WorkstaGon  Use  and   Security,  Devices  and  Media  Controls   Technical  Safeguards   EncrypGon  and  DecrypGon,  Key   Management,  Key  RotaGon,  Access   Control,  Unique  User  IdenGcaGon,   Emergency  Access,  AutomaGc  Logoff,   Audit  Controls,  Mechanism  to   AuthenGcate  Electronic  PHI,  Person  or   EnGty  AuthenGcaGon,  Transmission   Security,  Integrity  Controls   AdministraGve  Safeguards   HIPAA  Compliant   HosGng   TrueVault   •  TrueVault  handles  both  Technical   and  Physical  Safeguards.   •  Developers  can  quickly  start   development  on  healthcare   applicaGons  without  building  a   HIPAA  compliant  infrastructure.   •  FireHost  and  AWS  have  high   minimum  charges  ($1,115  and   $1,500)  and  offer  no  help  with   the  Technical  Safeguards.  
  • 15. •  RESTful API - No Steps 1 through 5 to worry about ! •  BAA + Insurance! •  Works well with existing infrastructure! •  400+ Customers! •  Usage based pricing, no contracts!
  • 16. Q&A Time! Shameless Promotions:! ! •  TrueVault is hiring Developers, DevOps Engineers in San Francisco ! •  Join our iOS SDK beta list – Be the rst to release an iOS app leveraging Health Book! http://go.truevault.com/ios8! !
  • 17. Thank  you!   Jason  Wang   Founder  &  CEO,  TrueVault Â