Karen Chrisman
Chief Compliance Officer at Commonwealth of Kentucky - Commonwealth Office of Technology- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
Topline Score
Bio
Credentials
-
Certified Information Privacy Professional/United States (CIPPUS)
IAPP - International Association of Privacy Professionals
Experience
-
Commonwealth of Kentucky - Commonwealth Office of Technology
-
United States
-
Information Technology & Services
-
100 - 200 Employee
-
Chief Compliance Officer
-
Apr 2018 - Present
Manage and direct the COT Privacy Program including interpret and apply federal and state law to ensure COT regulatory compliance, develop policies, processes and training. Serve as the COT privacy contact for information technology development and privacy assessments. Knowledge of regulatory frameworks including 45 CFR Parts 160 and 164, NIST, IRS, HIPAA, FERPA and federal and state regulations. Manage and direct the COT Privacy Program including interpret and apply federal and state law to ensure COT regulatory compliance, develop policies, processes and training. Serve as the COT privacy contact for information technology development and privacy assessments. Knowledge of regulatory frameworks including 45 CFR Parts 160 and 164, NIST, IRS, HIPAA, FERPA and federal and state regulations.
-
-
-
-
Executive Advisor and Privacy Officer
-
Jan 2018 - Apr 2018
Lead and supervise the state employee and state contractor staff for KHIE. Privacy Officer of KHIE. Responsible for the delivery of KHIE services to over 900 healthcare providers. Legal lead for 1115 waiver, KYHealth data sharing agreements. Agency liaison to the KHIE Clinical Advisory Committee. Lead the KHIE request for proposal committee and the procurement of new technology system for KHIE. Total contract amount of 44 million dollars. Lead the KHIE transition team for the new KHIE technology solution. Direct the work of consultants evaluating and preparing a sustainability plan for the new KHIE technology. KHIE representative for Centers for Medicare & Medicaid Services (CMS) and Strategic Health Information Exchange Collaborative (SHIEC) Direct program and new business services development for KHIE. KHIE representative for KHIE business partners, CHFS KASPER, OIG and Department for Public Health. Show less
-
-
-
-
Senior Advisor and Privacy Officer
-
Jun 2017 - Dec 2017
Direct the privacy program for DMS to protect the privacy of over one million four hundred thousand citizen records including: Interpret and apply federal and state law to ensure DMS regulatory compliance, develop policies, processes and training. Serve as the DMS privacy contact for information technology development and privacy assessments. Knowledge of regulatory frameworks including 45 CFR Parts 160 and 164 and DMS federal and state regulations. Draft and negotiate DMS telecommunications and data use agreements, business associate agreements and university partnerships. DMS agency lead for 1115 waiver, KYHealth data sharing agreements. Lead the agency privacy compliance and interpretation of NIST 800-53 rev.4 standards. Lead Division incident response team. Agency liaison with the Medicaid Advisory Council, agency lead for assigned Centers for Medicare and Medicaid Systems (CMS) grants. Developed the DMS privacy policy, lead the privacy committee and developed privacy training for all DMS employees. Show less
-
-
-
-
Privacy Officer and Staff Attorney
-
Jun 2010 - Jun 2017
Direct the privacy program for KHIE to protect the privacy of over four million citizen records including: Interpret and apply federal and state law to ensure Division regulatory compliance, develop policies, processes and training. Knowledge of regulatory frameworks including 45 CFR Parts 160 and 164. Draft and negotiate Division participation agreements, business associate agreements and vendor contracts. Develop and draft policies and business procedures for the governance of Division data. Lead Division privacy compliance and interpretation of NIST 800-53 rev.4 standards. Lead Division incident response team. Legislative liaison and regulation review team member for the Division. Review CHFS regulations and legislation and make recommendations to Division leadership. Developed and lead the data sharing agreement process that supported kynect and Benefind development. Project lead for the integration of behavioral health records into the Kentucky Health Information Exchange. Lead Kentucky’s drafting and adoption of a 42 CFR Part 2 compliant consent form to facilitate this connectivity. Lead the grant writing and compliance with grant requirements for the $600,000.00 grant awarded to the Division of Kentucky Electronic Health Information to fund this connectivity. Provide comments to pending regulations to federal agencies. Show less
-
-
Education
-
University of Kentucky J. David Rosenberg College of Law
Juris Doctorate, Law -
University of Kentucky College of Law
JD, Law