Full Description
The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules is a comprehensive manual to ensuring compliance with the implementation standards of the Privacy and Security Rules of HIPAA and provides recommendations based on other related regulations and industry best practices.
The book is designed to assist you in reviewing the accessibility of electronic protected health information (EPHI) to make certain that it is not altered or destroyed in an unauthorized manner, and that it is available as needed only by authorized individuals for authorized use. It can also help those entities that may not be covered by HIPAA regulations but want to assure their customers they are doing their due diligence to protect their personal and private information. Since HIPAA/HITECH rules generally apply to covered entities, business associates, and their subcontractors, these rules may soon become de facto standards for all companies to follow. Even if you aren't required to comply at this time, you may soon fall within the HIPAA/HITECH purview. So, it is best to move your procedures in the right direction now.
The book covers administrative, physical, and technical safeguards; organizational requirements; and policies, procedures, and documentation requirements. It provides sample documents and directions on using the policies and procedures to establish proof of compliance. This is critical to help prepare entities for a HIPAA assessment or in the event of an HHS audit. Chief information officers and security officers who master the principles in this book can be confident they have taken the proper steps to protect their clients' information and strengthen their security posture. This can provide a strategic advantage to their organization, demonstrating to clients that they not only care about their health and well-being, but are also vigilant about protecting their clients' privacy.
Contents
HIPAA/HITECH Overview. The Relevance of HIPAA/HITECH to Healthcare Organizations. Compliance Overview. Privacy Rule Detailed. The Electronic Transactions and Code Set Rule Detailed. The National Provider Identifier Requirements Detailed. "Meaningful Use" Detailed. Breach Notification Detailed. Enforcement Rule Detailed. Security Rule Detailed. Security Rule: Administrative Safeguards. Security Rule: Risk Assessments. Security Rule: Security Awareness Training. Security Rule: Incident Response. Security Rule: Business Continuity Planning and Disaster Recovery. Security Rule: Compliance Assessment. Security Rule: Physical Safeguards. Security Rule: Technical Safeguards. Security Rule: Organizational Requirements. Frequently Asked Questions. Checklists. Works Cited. Additional Resources. Acronyms. Glossary. Index.
