Schedule

Wednesday
2019-10-02
The Inn at St. John’s
Thursday
2019-10-03
The Inn at St. John’s
Friday
2019-10-04
The Inn at St. John’s
The Inn at St. John’s
The Inn at St. John’s
The Inn at St. John’s
12:45 - 14:45
Pre-Conference Workshop: Key Legal Agreements for Data Sharing

Room: Ruth

This session will provide attendees with an in-depth understanding of key legal agreements that are needed when engaging in cross-sector and cross-jurisdictional data sharing. We will discuss data sharing agreements, memorandum of understanding, HIPAA business associate agreements and qualified service organization agreements. The goal of this session is to help you understand what each agreement covers, how each agreement should be structured and which agreements are necessary to meet your data sharing objectives.

Jennifer Bernstein, JD, MPH
Deputy Director, The Network for Public Health Law - Mid-States Region Office
14:45 - 15:00
Break with drinks and light snack
15:00 - 17:00
Pre-Conference Workshop: HIPAA Hybrid Entity Rules & Tools

Room: Judea

This workshop will provide attendees with an understanding of why the hybrid entity policy option may be beneficial, as well as what tools are needed to become a hybrid entity. This workshop is directed to fully HIPAA covered entities that are interested in exploring hybridizing, as well as hybrid entities that have not recently re-assessed their coverage status. Participants who register by August 1 will receive an invitation to submit a use case for group discussion with hands-on application of tools from the Network’s new HIPAA hybrid entity toolkit.

Sallie Milam, JD, CIPP/US/G
Deputy Director, The Network for Public Health Law - Mid-States Region Office
16:00 - 18:00
Evening registration
17:00 - 19:00
Happy Hour
Registration opens
08:00 - 09:00
Breakfast
08:45 - 10:00
Welcome and Opening Keynote

Room: Judea

Vivian Singletary, MBA, JM
Director, Public Health Informatics Institute
10:00 - 10:15
Break
10:15 - 12:15
Concurrent Sessions

Concurrent sessions based on legal parameters of collecting or sharing different types of data.


Breakout one: Navigating law to share data: Privacy and Security Fundamentals
Room: Ruth
Building healthy communities requires access to relevant data between programs within an agency (e.g. public health department) as well as from multiple sectors, including public health, healthcare, schools, human services, housing, and law enforcement. Data are essential for identifying health threats, designing interventions, coordinating care, measuring what works and planning for policy, systems and environmental change. A complex legal landscape, and lack of knowledge and training in law, result in actual and perceived barriers to data collection, use, and sharing. This session will cover privacy and security fundamentals. It will provide a systematic approach to identifying and resolving legal issues, describing strategies to navigate law and share the most meaningful data possible while protecting privacy, promoting security, and maintaining trust.
• Speakers: Denise Chrysler, Colin Boes
Breakout two: Behavioral, mental health and primary health care
Room: Judith & Esther
This session examines how HIPAA, 42 CFR Part 2 and state mental health laws create designated pathways for behavioral health, mental health and primary care data collecting and sharing. All within the context of these practice areas, presenters provide an overview of identification of law by data type and data source; review permissible uses and disclosures, along with prerequisites, conditions and limitations; address application of these laws to a data sharing issue; review legal solutions, such as a consent process, disclosure for research with IRB/Privacy Board approved waiver or de-identification; and review establishing and documenting terms of data sharing. This session is designed for individuals who already have a fundamental understanding of data sharing. Participants receive an in-depth review of behavioral health, mental health and primary care law identification and navigation, along with participating in small group discussion around a variety of data collection and sharing scenarios.
• Session Leader: Sallie Milam
• Speaker: Elizabeth Scurria Morgan
Breakout three: Education
Room: Sarah
• Speakers: Kerri McGowan Lowrey, Elliott Attisha

Click on a presenter’s name below to learn more about them:

Denise Chrysler, JD
Director, The Network for Public Health Law - Mid-States Region Office
Colin Boes, JD
Privacy Specialist - Michigan Department of Health and Human Services Legal Affairs
Sallie Milam, JD, CIPP/US/G
Deputy Director, The Network for Public Health Law - Mid-States Region Office
Elizabeth Scurria Morgan
First Deputy General Counsel and Director, Privacy & Data Compliance Office, Massachusetts Department of Public Health
Kerri McGowan Lowrey, JD, MPH
Deputy Director and Director of Grants and Research, The Network for Public Health Law - Eastern Region Office
Elliott Attisha, DO, FAAP
Chief Health Officer, Detroit Public Schools
12:15 - 12:30
Break
12:30 - 13:30
Lunch Keynote

Room: Judea

Debra Gee, JD
General Counsel & Executive Officer, Chickasaw Nation
13:30 - 13:45
Break
13:45 - 15:45
Concurrent Sessions

Concurrent sessions based on legal parameters of collecting or sharing different types of data.


Breakout one:
Behavioral, mental health and primary health care
Room: Judith & Esther
This session examines how HIPAA, 42 CFR Part 2 and state mental health laws create designated pathways for behavioral health, mental health and primary care data collecting and sharing. All within the context of these practice areas, presenters provide an overview of identification of law by data type and data source; review permissible uses and disclosures, along with prerequisites, conditions and limitations; address application of these laws to a data sharing issue; review legal solutions, such as a consent process, disclosure for research with IRB/Privacy Board approved waiver or de-identification; and review establishing and documenting terms of data sharing. This session is designed for individuals who already have a fundamental understanding of data sharing. Participants receive an in-depth review of behavioral health, mental health and primary care law identification and navigation, along with participating in small group discussion around a variety of data collection and sharing scenarios.
• Session Leader: Sallie Milam
• Speaker: Elizabeth Scurria Morgan
Breakout two: Law enforcement and criminal justice
Room: Sarah
• Speakers: Hudson Harris, Monika Tzoneva
Breakout three: Public health and environmental health
Room: Ruth
• Speakers: Colleen Healy Boufides, Denise Chrysler

Click on a presenter’s name below to learn more about them:

Sallie Milam, JD, CIPP/US/G
Deputy Director, The Network for Public Health Law - Mid-States Region Office
Elizabeth Scurria Morgan
First Deputy General Counsel and Director, Privacy & Data Compliance Office, Massachusetts Department of Public Health
Hudson Harris, JD, MBA
Founder, Pandon
Monika Tzoneva, JD, PhD, CHC
Compliance and Privacy Officer, Department of Community and Human Services - King County, WA
Colleen Healy Boufides, JD
Deputy Director, The Network for Public Health Law - Mid-States Region Office
Denise Chrysler, JD
Director, The Network for Public Health Law - Mid-States Region Office
15:45 - 16:00
Break
16:00 - 17:00
Session – Public Benefits and Private Risks

Public Benefits and Private Risks: How should Public Health Policy properly balance societal ethical interests and individual rights?
Room: Judea

Balancing important societal ethical interests (justice, beneficence and public good) with individual rights and protections can be a challenging issue for public health policy. This session will provide an overview of public health data de-identification as an important tool to make data more freely, safely and legally available to public health and communities while appropriately balancing public and private interests. This session will explain the process of data re-identification risk assessments in informing data disclosure policies and provide an overview of the HIPAA “statistical de-identification” provision. Attendees will develop an awareness of the efficacy of modern data de-identification methods and the importance of utilizing a combination of technical and management controls (such as data use agreements) to appropriately mitigate privacy risks in balance with public benefits.

Daniel Barth-Jones, PhD, MPH
Assistant Professor of Clinical Epidemiology, Columbia University Mailman School of Public Health
17:30 - 19:30
Reception in Atrium
17:52
Continental Breakfast
Registration
08:00 - 09:00
Breakfast
09:00 - 10:15
Concurrent Sessions

Breakout one: Data Governance
Room: Sarah
When health care providers, public health and others create, use and share data, governance is required to ensure that trust is maintained and interoperability risks are appropriately managed. This session highlights how governance is achieved by providing coordination and oversight through a policy framework, a decision-making body and trust agreement. Examples of governance in action will include the Data Use and Reciprocal Support Agreement, and Trusted Exchange Framework and Common Agreement. Attendees will learn how governance and interoperability improve disaster response which saves lives and relieves stress in an emergency. Attendees will also learn how interoperability and governance reduce the burden of public health case reporting for the provider community, while improving the timeliness, accuracy and completeness of the data.
• Moderator: Sallie Milam
• Speakers: Steve Gravely, Troy Willitt
Breakout two: Open data, FOIA and sunshine laws
Room: Ruth
• Speakers: Elizabeth Scurria Morgan, Katherine Alford
Breakout three: Ethical considerations of data sharing
Room: Judith
• Speaker: Cason Schmit

Click on a presenter’s name below to learn more about them:

Steve Gravely
CEO - Strategic and Legal Advisor to Healthcare Organizations, Gravely Group
Elizabeth Scurria Morgan
First Deputy General Counsel and Director, Privacy & Data Compliance Office, Massachusetts Department of Public Health
Katherine Alford, JD, CIPP/US
Deputy General Counsel, Massachusetts Department of Public Health
Cason Schmit, JD
Research Assistant Professor, Texas A&M University School of Public Health
10:15 - 10:30
Break
10:30 - 12:00
Closing Session

Room: Judea

When public health shares information with communities, it balances assuring the public good with the risk to individual privacy. This session examines how public health utilizes mapping technologies to monitor health status to identify and solve community health problems; diagnose and investigate health problems and health hazards in the community; inform, educate, and empower people about health issues, creating a space for public action; and, assist public health agencies in fulfilling the 10 Essential Public Health Services. Geographic information systems use geographic data, such as streets, blocks or neighborhood areas and attribute data, such as social determinants of health, and link the two in a map. Attendees learn about implementing privacy controls for useful and locally relevant map design.

Estella Geraghty, MD, MS, MPH, GISP
Chief Medical Officer, Esri
Select date to see events.