This volume is a comprehensive manual to ensuring compliance with the implementation standards of the Privacy and Security Rules of HIPAA and provides recommendations based on other related regulations and industry best practices. It can also help those entities that may not be covered by HIPAA regulations but want to assure their customers they are doing their due diligence to protect their information. The book covers administrative, physical, and technical safeguards; organizational requirements; procedures, and documentation requirements. It provides sample documents and directions on…mehr
This volume is a comprehensive manual to ensuring compliance with the implementation standards of the Privacy and Security Rules of HIPAA and provides recommendations based on other related regulations and industry best practices. It can also help those entities that may not be covered by HIPAA regulations but want to assure their customers they are doing their due diligence to protect their information. The book covers administrative, physical, and technical safeguards; organizational requirements; procedures, and documentation requirements. It provides sample documents and directions on using the policies and procedures to establish proof of compliance.
John ("Jay") Trinckes, Jr., CISSP, CISM, CRISC, CEH, NSA-IAM/IEM, MCSE-NT, A+, is the chief information security officer (CISO) for Path Forward IT, a managed service provider of IT and security services for the healthcare industry. Jay has previously worked as a senior information security consultant and authored The Executive MBA in Information Security, published by CRC Press in 2009. Trinckes has developed enterprise-level information security management programs for multiple clients and conducted countless successful internal/external vulnerability/penetration assessments and other technical compliance audits. He has been instrumental in developing policies, procedures, audit plans, compliance assessments, business impact analyses, and business continuity and disaster recovery plans for many clients. He also conducts security awareness training and other presentations related to information security. He provides a unique perspective on compliance as a result of his previous work experience as an information security risk analyst, IT manager, system administrator, and law enforcement officer.
Inhaltsangabe
HIPAA/HITECH Overview. The Relevance of HIPAA/HITECH to Healthcare Organizations. Compliance Overview. Privacy Rule Detailed. The Electronic Transactions and Code Set Rule Detailed. The National Provider Identifier Requirements Detailed. "Meaningful Use" Detailed. Breach Notification Detailed. Enforcement Rule Detailed. Security Rule Detailed. Security Rule: Administrative Safeguards. Security Rule: Risk Assessments. Security Rule: Security Awareness Training. Security Rule: Incident Response. Security Rule: Business Continuity Planning and Disaster Recovery. Security Rule: Compliance Assessment. Security Rule: Physical Safeguards. Security Rule: Technical Safeguards. Security Rule: Organizational Requirements. Frequently Asked Questions. Checklists. Works Cited. Additional Resources. Acronyms. Glossary. Index.
