HIPAA privacy and security compliance - simplified : practical guide for healthcare providers and practice managers / Robert K. Brzezinski
Gateway-Kenosha Campus General Collection
KF 3827 R4 B7.9 2016
- 2016 edition.
- 165 pages : black and white illustrations ; 23 cm
- Includes bibliographical references (pages 155-157).
- Chapter 1: HIPAA Laws Overview
- HIPAA Purpose
- HIPAA Regulatory Changes
- Transaction Standards Overview
- Transaction Standards Enforcement
- Administrative Simplification
- Chapter 2: HIPAA Privacy and Security Risks
- Who needs to worry about HIPAA
- Why worry about HIPAA
- Business Risks
- Patient Safety
- Regulatory Compliance
- HIPAA Enforcement
- Chapter 3: HIPAA Privacy and Security Standards Overview
- Risk Management Program
- Risk Management starts with Risk Analysis
- Privacy Rule compliance
- Administrative Safeguards -- Security Management -- Workforce Security -- Information Access Management -- Security Awareness and Training -- Security Incidents and Breach Notification Rule -- Contingency Plan -- Evaluation -- Business Associates
- Physical Safeguards -- Facility Access Controls -- Workstation Use and Security -- Device and Media Controls
- Technical Safeguards -- Access Control -- Audit Controls, Integrity and Authentication -- Transmission Security
- Organizational requirements -- Business Associate Contracts or Other Arrangements -- Policies and Procedures and Documentation Requirements
- Chapter 4: HIPAA Privacy and Security Risk Management Implementation - Preparing for Audit
- Risk Analysis -- Process and documentation (Day 1-5) -- Day allocated for HIPAA awareness training (Day 6)
- Risk Management
- Privacy Rule policy and documents (Day 7)
- Policy and Procedures
- Administrative safeguards (Day 9-20) -- Policy development (Day 9) -- Security Management Process (Day 10) -- Sanction policy, System Activity Review -- Mobile devices, patient authentication and communications -- Workforce access - background verification and clearance -- Security Awareness and Training (Day 14) -- Security Incident, data breach response documentation and examples (Day 15) -- Contingency Plans (Day 16) -- Business Associates (Day 18)
- Physical Safeguards -- Facility Access Controls and workstation security (Day 19) -- Device and Media Controls (Day 21)
- Technical safeguards (Day 22) -- Access, audit controls and Data transmission and encryption
- Organizational Safeguards -- Policies and procedures documentation requirements and retention policy (Day 24) -- Confidentiality statements and policy acknowledgement documentation (Day 26)
- Risk Management continuing effort
- Chapter 5: HIPAA Privacy and Security Awareness
- Answer Key
- Chapter 6: Policy and Procedures Example
- I. Policy
- II. Definitions
- III. Security Management Process
- IV. Workforce Security and Information Access Management
- V. Security Awareness and Training
- VI. Security Policies and Procedures
- VII. Facility Access Controls
- VIII. Workstation Security
- IX. Device and Media Controls
- X. Access and Audit Control
- XI. Security Policies and Procedures
- XII. Privacy Policies and Procedures
- ATTACHMENT A - Security Official
- ATTACHMENT B - Confidentiality Statement and Policy Acknowledgement
- ATTACHMENT C - Personal Mobile Devices Use Agreement
- Robert Brzezinski, MBA, CHPS, CISA spent a decade leading teams through organizational changes, solving problems, improving processes, and creating strategy and savings in corporate structure. Experience with small and large organizations allows Robert to find a balance between SMB operational reality, small business IT and budget priorities, and regulatory requirements.
- 59.00 AD NURS (10-543-1)
- United States Health Insurance Portability and Accountability Act of 1996.
- Medical laws and legislation.
- Medical care -- Law and legislation -- Textbooks.
- Medicine -- Practice -- United States.
- Medical records -- Access control.