Data Security and Information Sharing

The New York State Department of Health is committed to ensuring that Medicaid data containing Protected Health Information (PHI) originating from the DOH (hereafter referred to as DOH Medicaid data) follows secure channels of access. This section contains information regarding measures PPS Leads must take to obtain and access DOH Medicaid data. Note: Webinars recorded from the Data Security Workgroup after October 2015 are posted for the PPS´ access within the DSRIP Digital Library.

Supplemental Materials

Systems Security Plans (SSPs) with Cloud Service Provider (CSP)

The link below contains guidance for PPSs regarding responding to SSP controls associated with your CSP

Data Security Webinars

October 15, 2015

The Department has released an updated FAQ document combining and updating the content from the 7/7/17 and 9/22/15 FAQ releases, as well as adding recent FAQs generated from the Data Security Workgroup

September 22, 2015

The Department hosted a webinar on September 22, 2015 and released additional supporting guidance documents to assist PPSs in understanding and completing their Systems Security Plans.

July 07, 2015

The Department hosted a webinar on July 7, 2015, this webinar reviews the requirements and necessary steps to secure access to DOH provided Medicaid PHI (Protected Health Information) data. This includes the impact of the opt-out process on information sharing on data sharing within the PPS and to the PPS downstream partners.

Data Security Information

April 22, 2015

The Department hosted a webinar on April 22, 2015 to review and answer questions regarding the DEAA addendum, steps needed to support data security, completion of identity assurance risk assessments, and the role of the Medicaid Analytics Performance Portal. Below you can find the recorded webinar, as well as a copy of the presentation slides.