Tom Furlani, Center for Computational Research University at Buffalo, October 15, 2015 Coexisting...
-
Upload
albert-park -
Category
Documents
-
view
212 -
download
0
Transcript of Tom Furlani, Center for Computational Research University at Buffalo, October 15, 2015 Coexisting...
Tom Furlani, Center for Computational ResearchUniversity at Buffalo, October 15, 2015
Coexisting with Protected Health Information at CCR
Tom’s Guiding Principles to Storing HIPAA Data
• Avoid doing it if possible • If not possible, find someone else to be responsible
• Be sure they are not housing your EMR data
PHI Data in CCR• Treat them like a leper (just kidding)
• PHI racks isolated in CCR datacenter
• A distinct entity (IHI)• Separate director and IT support staff
• Full time HIPAA compliance officer
PHI racks in CCR isolated within a cage
IHI card access separate from machine room access
• >100Tb self-encrypting data repository with expansion capability• 24x7 access control system, CCTV data center surveillance, and
outside perimeter monitoring with video capture systems monitored by Roswell Park Security officers
• Security card reader access to facility, data center and IHI secured area
• 18 individually locked racks that are fully monitored for access, network, power, and cooling utilization
• Managed and Monitored Firewall Service, including vulnerability management services, real-time, 24x7x365 security event and log monitoring, analysis and response by Global Information Assurance Certification (GIAC) certified security analysts
• Encryption of data at rest and in motion• Remote access via VPN only• Virtual Desktop Infrastructure with no access to removable media • Continuous antivirus and malware monitoring• Segregated primary internet connection to the UB Fiber
backbone
IHI HIPAA-compliant security infrastructure
Institute for Healthcare Informatics (IHI)
• Data at the IHI includes: UBMD Physicians’ Group: over 400 providers entering
identified patient data over 6 years. HealthNow: insurance claims on limited diagnosis over 7 years
• IHI Services All services provided require strict security protocols and
approvals by the institutional review board (IRB). Services include data management, data aggregation, subject
matter experts (SMEs), data modeling expertise and data warehousing..
• IHI Data Hosting Provide secure computing infrastructure to host researchers
data.
IHI Clinical Data Repository (CIDR)
1,700,000 Patient records
59,000,000claims
115,870,000diagnosis
42,600,000prescriptions
4,850,000observations
>1,000,000 million lab results
Tying It All Together at UBClinical data, Genomic data, and computing horsepower
The non-PHI Side: UB’s Genomics, Bioinformatics and HPC Capabilities
Research Scientists/Industry Partners
UB Next-Gen Sequencing: data generation and bioinformatics analysis
Center for Computational Research
170 Tflops Total Aggregate Compute Capacity11,400 cores; including $1.2M ESD CFA Award – HPC Cluster for Economic Dev 3.2 PB of High Performance Storage (GPFS)Major Upgrades Planned for 2015
~0.5 Tbyte of data a day 300 Billion sequence bases
a day 100 human genomes a day
UB Next-Gen Bioinformaticianscomputing on CCR resources