Dancing  With  HIPAA  Follow  my  lead  and  you’ll  be  OK  

David Harlow JD MPH THE HARLOW GROUP LLC

blog  •  healthblawg.com  twi7er  •  @healthblawg        

Photo: CC: http://www.flickr.com/photos/aigle_dore/6672141083

HIPAA  Highlights  PHI  CE  BA  

Breach  No0fica0on  • Pa0ents  • Government  • Press  (>500)  

Enforcement  (OCR/AGs)  • BA  Primary  Liability  • Downstream  responsibility  • Audits,  Complaint  Inves0ga0ons,  Fines  

TPO  BAA  NPP  

Authoriza0on/Consent  

Security    • Administra0ve  • Technical  • Physical  • >>  Risk  Assessment  

Privacy    • Minimum  Necessary  for  TPO  • Pa0ent  Access  • Opt-­‐In  for  Research,  Marke0ng,  Fundraising  

Wall  of  Shame  

Deiden>fica>on  

Photo: CC: http://www.flickr.com/photos/hape_gera/3281625420

thed

atam

ap.org  

It’s  not  ALL  about  HIPAA  

FTC  Breach  No>fica>on  Rule  

for  PHRs  

State  Rules  on    Data  Privacy  Including  

“Sensi>ve”  Health  Data  

Lockdown  vs.  Open  Door  

Clear  Expecta0ons  =>  No  Surprises      

The  Inevitability  of  Digital  Health  

Photo: CC: http://www.flickr.com/photos/aigle_dore/6672141083

           

for  contact  info    txt  dharlow  to  50500  or  scan  the  QR  code  

 harlowgroup.net  healthblawg.com  

twiWer.com/healthblawg  david@harlowgroup.net  

Thank  You   David Harlow JD MPH THE HARLOW GROUP LLC

j.mp/HxR2014HIPAA