
HIPAA privacy and security compliance - simplified : practical guide for healthcare providers and practice managers / Robert K. Brzezinski

1 available



Gateway-Kenosha Campus General Collection

KF 3827 R4 B7.9 2016


Brzezinski, Robert K., author.
Publication Info.
San Bernardino, California : BizWit LLC, [2016]

2016 edition.
165 pages : black and white illustrations ; 23 cm
Includes bibliographical references (pages 155-157).
Chapter 1: HIPAA Laws Overview
HIPAA Purpose
HIPAA Regulatory Changes
Transaction Standards Overview
Transaction Standards Enforcement
Administrative Simplification
Chapter 2: HIPAA Privacy and Security Risks
Who needs to worry about HIPAA
Why worry about HIPAA
Business Risks
Patient Safety
Regulatory Compliance
HIPAA Enforcement
Chapter 3: HIPAA Privacy and Security Standards Overview
Risk Management Program
Risk Management starts with Risk Analysis
Privacy Rule compliance
Administrative Safeguards -- Security Management -- Workforce Security -- Information Access Management -- Security Awareness and Training -- Security Incidents and Breach Notification Rule -- Contingency Plan -- Evaluation -- Business Associates
Physical Safeguards -- Facility Access Controls -- Workstation Use and Security -- Device and Media Controls
Technical Safeguards -- Access Control -- Audit Controls, Integrity and Authentication -- Transmission Security
Organizational requirements -- Business Associate Contracts or Other Arrangements -- Policies and Procedures and Documentation Requirements
Chapter 4: HIPAA Privacy and Security Risk Management Implementation - Preparing for Audit
Risk Analysis -- Process and documentation (Day 1-5) -- Day allocated for HIPAA awareness training (Day 6)
Risk Management
Privacy Rule policy and documents (Day 7)
Policy and Procedures
Administrative safeguards (Day 9-20) -- Policy development (Day 9) -- Security Management Process (Day 10) -- Sanction policy, System Activity Review -- Mobile devices, patient authentication and communications -- Workforce access - background verification and clearance -- Security Awareness and Training (Day 14) -- Security Incident, data breach response documentation and examples (Day 15) -- Contingency Plans (Day 16) -- Business Associates (Day 18)
Physical Safeguards -- Facility Access Controls and workstation security (Day 19) -- Device and Media Controls (Day 21)
Technical safeguards (Day 22) -- Access, audit controls and Data transmission and encryption
Organizational Safeguards -- Policies and procedures documentation requirements and retention policy (Day 24) -- Confidentiality statements and policy acknowledgement documentation (Day 26)
Risk Management continuing effort
Chapter 5: HIPAA Privacy and Security Awareness
Answer Key
Chapter 6: Policy and Procedures Example
I. Policy
II. Definitions
III. Security Management Process
IV. Workforce Security and Information Access Management
V. Security Awareness and Training
VI. Security Policies and Procedures
VII. Facility Access Controls
VIII. Workstation Security
IX. Device and Media Controls
X. Access and Audit Control
XI. Security Policies and Procedures
XII. Privacy Policies and Procedures
ATTACHMENT A - Security Official
ATTACHMENT B - Confidentiality Statement and Policy Acknowledgement
ATTACHMENT C - Personal Mobile Devices Use Agreement
Robert Brzezinski, MBA, CHPS, CISA, spent a decade leading teams through organizational changes, solving problems, improving processes, and creating strategy and savings in corporate structure. Experience with small and large organizations allows Robert to find a balance between SMB operational reality, small business IT and budget priorities, and regulatory requirements.
59.00 AD NURS (10-543-1)
United States Health Insurance Portability and Accountability Act of 1996.
Medical laws and legislation.
Medical care -- Law and legislation -- Textbooks.
Medicine -- Practice -- United States.
Medical records -- Access control.