How To Include Cybersecurity In Your Privacy Impact Assessment Keeping information safe and secure is a challenging development for businesses of all sizes over the last few years. Remote working and using cloud hosted services forced healthcare practices to change, or at least re-examine, their cybersecurity practices and protocols. According to CyberEdge's Cyberthreat Defense Report, 85% of organizations suffered from a successful cyberattack in 2021. A privacy impact assessment (PIA) is an important tool to help understand the risks to patient health information and your healthcare business. Does Your PIA Include Cybersecurity Risks and Mitigation Plan? You should review your PIA regularly, at least annually, and update your risk mitigation plans when there is a change in your administrative, technical, or physical practices. You also need to consider that the threat environment external to your business, like the increasing risk of cybersecurity vulnerabilities, can damage your business. In this Episode #107 of the Practice Management Nuggets Podcast, Jean L. Eaton, Practical Privacy Coach with Information Managers shows us how to include cybersecurity risks in your PIA. #BeCyberSmart #PrivacyImpactAssessment #PIA #HIA #PHIPA See all the show notes and links on our website! https://PracticeManagementNuggets.Live
Producer/Host: Jim Campbell
Maine is the only state that borders only one other state, which means that we have very long national borders with the ocean and with Canada. That, in turn, means that most, if not all of Maine, is within 100 miles of a US national border, and that fact gives the Customs and Border Protection Agency the ability to do a lot of things in the name of border protection that would not happen beyond that 100 mile border. One of those things is the ability to use license plate reader technology on any car on Maine roads without any warrant or warning. CBP’s recent “Privacy Impact Assessment for the CBP License Plate Reader Technology” describes the risks to our personal privacy of that program. The link is here. It’s worth reading. Here’s why.
The post Notes from the Electronic Cottage 9/10/20: CBP & License Plate Readers first appeared on WERU 89.9 FM Blue Hill, Maine Local News and Public Affairs Archives.
WERU 89.9 FM Blue Hill, Maine Local News and Public Affairs Archives
A Privacy Impact Assessment (PIA) is Good for Business
A PIA is part of a regular business process if you collect, use, or disclose personal health information in your healthcare practice. When you have a previous PIA that has been prepared, submitted to the Office of the Information and Privacy Commissioner (OIPC) and it has been accepted for use--well, that is not the end of your PIA journey. You need to ensure that you are updating and amending your PIA as your practice matures and as you make administrative and technical changes to the procedures in your practice. Join Jean L. Eaton, Your Practical Privacy Coach and Your Practice Management Mentor and host of this podcast to discover the common triggers that require you to consider if it is time for you to do a PIA amendment.
Show Notes
You can advance the podcast to the time entries
00:00 Introduction
01:07 When do you need a privacy impact assessment (PIA) amendment?
01:27 Previous PIA is more than 2 years ago
03:19 Changes in legislation
Other common triggers for PIA amendments
03:56 Electronic Medical Record or computer network, or office productivity
05:16 Physicians, Ownership, Location
05:45 New Users / Information Sharing
06:35 Communicating With Patients
07:57 Vendors Change - Alberta Netcare Portal
10:00 New PIA or PIA Amendment?
12:13 After the Amendment is Written
If you need assistance with your Privacy Impact Assessment amendment, see https://InformationManagers.ca/PIA-course
Protect Your Practice, Your Patients, and Your Assets With Privacy Impact Assessments
Are you struggling with creating your privacy impact assessment or amendment? Not sure if you are still compliant with the HIA? A completed PIA doesn’t last forever! If you need help with your amendment, let me know. I'm here to help you with on-line education and coaching. I help you complete your PIA.
https://InformationManagers.ca/PIA-course Rate and Review the Podcast I am honoured that you choose to spend your time with me today. Thank you for the opportunity to share my obsession about privacy, confidentiality and security with you! Reviews for the podcast on whatever platform that you use is greatly appreciated! When you provide your honest feedback it helps other people just like you find content that may help them, too. If you received value from this episode, please take a moment and leave your honest rating and review. Jean L. Eaton, Your Practical Privacy Coach and Your Practice Management Mentor with Information Managers Ltd.
County of Santa Clara Chief Privacy Officer, Mike Shapiro, discusses the importance of having dedicated privacy leadership in our cities. He offers insight on the strategic and operational value of a CPO and the importance of empowering all employees to become ‘privacy champions’.
A Privacy Impact Assessment is Easy – When You Start With a Good Plan! Do you need a PIA? or a PIA amendment? If you are a healthcare provider or clinic manager and are not sure if you need a Privacy Impact Assessment . . . then this 30 minute webinar / podcast is for you! If you are a custodian--including physicians, optometrists, dentists, chiropractors, nurse practitioners, podiatrists, and more!--as defined by Alberta's Health Information Act, then you probably need a PIA. Jean L. Eaton, Your Practical Privacy Coach, will explain what a PIA is, why you need it, and how to start planning to prepare a PIA. A PIA is an important tool that you can use to help you with that project management. It will help you anticipate risks to the project before it starts and avoid serious problems, wasted time and money. The PIA process requires you to have written policies and procedures so that you can implement the project effectively and train your staff consistently. Sometimes, after you have completed a foundational PIA for your practice, you want to add a new tool, move or add a new clinic location, or change the way that you collect, use, or disclose health information. This may trigger a PIA amendment where you can build onto your original PIA submission. Sometimes a PIA is a requirement of legislation. But it is always a best practice whenever you implement a project that includes personal health information. Podcast Sponsor - Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments A complete step by step on-line course ! Show Notes Recorded July 5 2018 You can advance the audio to these time markers: 04:52 Elephant in the Room Some people think that a PIA is a big scary elephant in the room. I’d like to show you that a PIA is not scary and, in fact, is a practical tool for your business. 03:49 Assess Your Project 04:24 Purpose of a PIA 04:58 PIA Process 13:42 Don’t Be Shocked! 
17:00 Carrot or Stick Approach
26:07 5 Step Plan to PIA
30:22 When Do You Need a PIA?
31:40 Questions
34:00 Strategies to Complete Your PIA
34:30 DFY – Done For You
Hire a consultant. A consultant may be internal to your organization or external. If you are a part of a large organization or association, you may have a dedicated Privacy Officer or Project Manager who will work with you and your business unit to develop the PIA. Or you may hire a consultant from an external business with experience in your industry and is knowledgeable about the regulatory requirements in your jurisdiction.
34:56 DIY Options - On-Line course
Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments – A complete step by step course with on-line coaching from me. https://informationmanagers.ca/protect-your-practice-with-privacy-impact-assessments-course/ The DIY approach will take more of your time, and less money, to complete your PIA. If you are the type of person that likes policies, procedures and details about legislation this is a good option for you.
36:17 DWY – Done With You Hybrid
The hybrid approach includes you doing the majority of the information gathering and creating or reviewing your existing policies and procedures for your project. You also work with an experienced consultant (internal or external) to help you put the pieces of the PIA together and prepare the PIA submission, and to work with you to develop the implementation plan.
Do This Now
Members of Practice Management Success can access the video of this episode and the resources here. If you are not a member of Practice Management Success, yet—what are you waiting for? Click here and register now! With your membership to Practice Management Success, you will get great tips, tools, templates, and training that you can use right away to help you start, grow, maintain, or fix your healthcare practice.
Have you ever said… “If only I had someone to ask!” Each month, we discuss your questions about practice management, human resources issues, clinic management best practices, procedures, resources, practical privacy tips, and more in Practice Management Success membership. In this Q&A, we're talking about: Can you use text messaging with patients? The short answer is, ‘Yes’. The longer answer is ‘Yes, but . . . make sure that you are really clear about why you want to use text messaging, carefully plan the implementation and monitor its use.’ Listen to the full audio Q&A for my detailed response. Here are some audio highlights:
01:51 Patients want to use text messaging
02:24 Why text messaging?
04:59 Level of risk
06:33 Mitigation strategy
12:26 Bleen cloud based medical referral management system (Stitcher link https://www.stitcher.com/podcast/jean-eaton/practice-management-nuggets/e/52478520)
13:19 ezReferral patient appointment management (Stitcher link https://www.stitcher.com/podcast/practice-management-nuggets/e/53743157?autoplay=true)
15:15 Healthquest EMR (www.healthquest.ca)
16:30 Privacy Impact Assessment
17:46 E-Course: Privacy Impact Assessments to Protect Your Practice, Your Assets, and Your Patients https://informationmanagers.ca/protect-your-practice-with-privacy-impact-assessments-course/
For more information visit: https://InformationManagers.ca/can-you-use-text-messaging-with-patients/
To be continued in our new podcast Stacken - citynetwork.se/stacken
Our guest is Karen Lawrence Öqvist, CEO and founder of Privasee, and we discuss how to bridge the gap between technology and law when working with GDPR. The episode is in English.
About GDPR podden
GDPR podden is a forum where we learn more about and discuss the new General Data Protection Regulation, which replaces the Swedish Personal Data Act. Together with our guests we learn more about the consequences of the law and get hands-on tips and ideas on how to prepare. Join us on an exciting journey and listen to interesting discussions in our search for more information about the law and how it affects both companies and private individuals.
Today's guest – Karen Lawrence Öqvist / Privasee
Karen Lawrence Öqvist has 20+ years of experience in information security, compliance and privacy at Fortune 500 companies such as Novell, Hewlett-Packard and Cern. She holds an MBA, a master's in information security, and privacy certifications with the IAPP (www.iapp.org). Karen is the founder and CEO of Privasee, a start-up focused on data and privacy protection and GDPR. Her handbook for GDPR implementation will be published this spring.
Linkedin | Twitter
About Privasee
We were born in June 2015 from an idea. Our founder Karen Lawrence Öqvist, a privacy advocate since 2007, read the draft General Data Protection Regulation (GDPR) in 2014. In the document she realised that in 2018 the market would be missing core tools and competences. She started by researching for a standard Privacy Impact Assessment, and there were none. So over the following two years she built one – a unique 7-step Agile PIA which will in 2017 be available as a cloud service. This PIA whilst in prototype has been tested extensively on our clients, and thus was born our expert consulting services. In parallel was born privacy training and awareness services/products in efforts to empower our clients by creating a bridge between IT, business and legal.
Privasee.eu
Subscribe
Discuss and comment: @citynetwork | gdprpodden@citynetwork.se #gdprpodden
See acast.com/privacy for privacy and opt-out information.
View the blog post and register to view the video. A PIA should be as commonplace to a healthcare practice as a business plan is to a business. BUT most healthcare practices don’t know this and often don’t know that a PIA is usually part of their professional college requirements and often even a legislated requirement! Prevent malicious errors, omissions or attacks that could result in fines and even jail time for the business, healthcare provider, employee, or vendor by completing a PIA. You need a Privacy Impact Assessment when:
- You are opening a new clinic or establishing a new health services program
- You are changing administrative procedures or technology equipment, services, or vendors
- You are changing how you collect and use personal information
- You are implementing or changing an Electronic Medical Record (EMR)
- You are sharing health information with another healthcare provider, organization, Primary Care Network or other health program
- You have a Privacy Impact Assessment that was written more than 2 years ago (It is time to review and update this!)
Doing a Privacy Impact Assessment for your practice is easy – once you figure it out. I have helped hundreds of clients complete their Privacy Impact Assessment and visited hundreds of practices across Alberta. I’ve figured it out . . . so you don’t have to! Now I’m going to share with you what you need to know to plan your PIA. Brought to you by Jean L. Eaton, Your Practical Privacy Coach and Practice Management Mentor http://www.informationmanagers.ca
Related Links:
- Register for the preview of the E-course webinar, Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments
- Buy the E-course, Protect Your Practice, Your Assets, and Your Patients with Privacy Impact Assessments - A Complete Step-by-Step Course
- Privacy Awareness in Healthcare: Essentials - online privacy awareness training from Corridor Interactive