Ahcccs system security
This presentation is the property of its rightful owner.
Sponsored Links
1 / 5

AHCCCS System Security PowerPoint PPT Presentation


  • 82 Views
  • Uploaded on
  • Presentation posted in: General

AHCCCS System Security. Why is Security SO important? Federal and State standards Security breaches in the last year What AHCCCS is doing What we are expecting of you Questions. Federal and State Standards. Federal requirement – HIPAA Covers both Privacy and Security

Download Presentation

AHCCCS System Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Ahcccs system security

AHCCCS System Security

  • Why is Security SO important?

  • Federal and State standards

  • Security breaches in the last year

  • What AHCCCS is doing

  • What we are expecting of you

  • Questions


Federal and state standards

Federal and State Standards

  • Federal requirement – HIPAA

    • Covers both Privacy and Security

    • AHCCCS utilized HIPAA consultants to assist with:

      • GAP analysis (as-is and target environments)

      • Remediation Plan

      • Part of that is on-gong – Annual HIPAA Security Self Assessment

  • State Standards


Security breaches

Security breaches

  • State of Utah – up to 200K files stolen; information on up to 750K people hacked due to a “configuration issue”

  • State of Alaska – USB thumb drive stolen w/member data; fined in 2012

  • State of South Carolina - Information on 228K people stolen by an employee via email

  • ASU– obtained password, used to steal list of user-id & passwords

  • AZ DPS – 8 E-mail accounts “hacked”

  • Our responsibility: As Health Care professionals, take SECURITY seriously


What ahcccs security is doing

What AHCCCS security is doing

  • Annual HIPAA Security Self Assessment (Audit)

  • Stach & Liu Security Audit

    • External Penetration Test

    • Detailed assessment of our web-based applications

    • Wireless environment

    • Completed, working on remediation

  • Working on an SSAE-16 audit

    • Focused on Security

    • In Process

    • Completed “assessment”, awaiting preliminary findings


What we are expecting of you

What we are expecting of you

  • Security language is/will be included in the contracts

    • Includes initial and annual assessments

    • Actively worked remediation plan

  • Providing our HIPAA Security Self Assessment Audit tool that we utilize

    • Best if Audit to be conducted by an independent third party; required by contract

    • Only as good as you make it

  • Questions?


  • Login