The Customer Relationship: Behind the Scenes with Managed Privacy Services

September 10th 2015 Executive Series Webinar

View the Replay on YouTube

Today’s Speakers

Ann Marie Harvey

Privacy Manager Baptist Health

Vinson Cao

Privacy Analyst

FairWarning, Inc.

Chuck Burbank

Director of Managed Privacy Services

FairWarning, Inc.

Agenda

• Healthcare Threat Landscape • Baptist Health System - Jacksonville, FL • Why Managed Privacy Services • Managed Privacy Services Relationship

– Getting Started – Behind the Scenes Activity – Working Together

• Future Expectations

Escalating Advanced Threats

´1

Lost laptops, media, paper records

Patient Complaints

Snooping

Medical & Financial ID Theft

2015 2013 2011

IRS Tax Fraud

2012 2014 Pre-2010

Sale of Patient Data to Crime Rings

Sale of Physician Data to Crime Rings

Sale of Employee Data to Crime Rings

It’s a new world

Rise of Cyber Threats to Healthcare Industry

Foreign National Espionage

Expertise Gap

Pre-2009 vs. 2015 Escalating Advanced Threats

Global Investigations

Partial FTE Advanced Analytics, Filtering, Proactive

Alerts

Investigations & Security Skills

Security Incident Management

Clinical Data & Workflow Expertise

OCR Audit Experience

Security, Forensics & Compliance Expertise

Managed Privacy Services

Monitoring 55 enterprise health systems representing over

• 217 Hospitals

– Ranging in size from 50 – 90K employees

• 306,000 Total Employees

Governance & Compliance Reporting

Communication & Education

Analysis & Filtering

Optimization

Proactive Monitoring

Auditing & Investigation

Policy Review

About Baptist Health

Baptist Health in Jacksonville, FL • Baptist Health is the largest nonprofit healthcare provider in northeast Florida

– 6 Hospitals – 19 Imaging Locations – 61 Outpatient Locations

• Baptist Health has been named the Most Preferred Healthcare Provider in the Jacksonville area every year since 1990 by the National Research Corporation

• Baptist Health has been serving their community since 1955 and remains the area’s only locally owned and governed healthcare provider Baptist Health has been a FairWarning customer since 2009 and

became a Managed Privacy Services customer in August of 2014

Why Managed Privacy Services

As existing FairWarning customer:

– Continual Automated Auditing

• Alerts

– Outsourcing Initial Investigations

• Privacy Analyst

– Expertise in data analytics

Getting Started – The Foundation

A strong foundation is essential for a sustainable program. Managed Privacy Services helps with: • Guidance on documentation of decisions regarding monitoring

program • Review of Key Policies • Providing a proven Workflow and Validation Process • Communication and Education Plan and materials • Enforced Policy recommendations based on industry and

benchmarking

Getting Started

Privacy Analyst: Behind the Scenes

Privacy Analyst: Behind the Scenes

12

Working Together

• Relationship Building - Collaboration

– Scheduled weekly meetings – Discussion topics • Review manager responses

• Outside concerns

• Request for assistance

• Feedback: “How am I doing?”

Open Communication

• Growing the Relationship

– Touching base throughout week: • Reviewing documentation

• Updating resolutions from managers for system accuracy

• Ad hoc reporting – identifying patient complaints

– Benchmarking versus care providers of similar size

• Additional work flows for clarification

• Sharing up-to-date industry news

Managers are reaching out directly for educational materials etc.

Results: Culture of Compliance

• Organizational Awareness – Program is gaining publicity – employees aware they are being watched

• Privacy policy review

• Using educational materials

• Manager training

• Quick notices: Care Connections and Baptist Brief – once a month

• Best Practices – In 8 months - Alerts are down

– Enforced policies

– Centralized repository for investigations

Roadmap

• Future Opportunities – Work with FairWarning on recommendations

• 1-2 more enforced policies by Oct (fiscal year)

• At least 4 more enforced policies by end of FY2016

• Advanced Threat Detection – Statistical Analysis & Trending

– 8 more sources over the next year

Final Thoughts

Building Confidence

“Managed Privacy Services, has enabled us to enhance our privacy program through outsourcing!”

Ann Marie Harvey

Privacy Manager Baptist Health

Questions

Please submit via the WebEx Q&A or Chat windows to the right side of your screen.

For more information, please visit:

www.FairWarning.com

Thank you for joining us!

Ann Marie Harvey

Privacy Manager Baptist Health

Vinson Cao

Privacy Analyst

FairWarning, Inc.

Chuck Burbank

Director of Managed Privacy Services

FairWarning, Inc.