Product Description
Updated to cover the Final Security Rule and other latest progress with HIPAA and to be as concise and relevant to HIPAA compliance as possible. HIPAA @ IT Essentials Second Edition provides a distillation of the vital points from the 3 separate books on transactions, privacy, and security by the same author Roy Rada.
This book is organized into the following three main chapters:
* Transactions,
* Privacy, and
* Security.
The Transaction Final Rule was published in August 2000, the Privacy Final Rule in December 2000, and the Security Rule in February 2003.
The Transactions Chapter relates to exchanges between healthcare providers and payers and covers
* transactions,
* code sets,
* identifiers,
* impact, and
* implementation.
Standards for transactions and code sets are vital to efficient and effective communication among healthcare organizations. The impact should be higher quality at less cost.
The Privacy Chapter focuses on the relationship between patients and the healthcare system and addresses
* notice and authorization,
* uses and disclosures
* patient rights,
* administration, and
* impact.
When one person has the private information of another, that other person loses some control. The Privacy Rule gives the patient strong rights over his or her information.
The Security Chapter explains how to keep information safe and covers first the compliance life cycle and then administrative, technical, and physical safeguards. Workflow management is vital to healthcare organizations and when done properly gives security as a derivative.
HIPAA @ IT Essentials 2003: Health Information Transactions, Privacy, and Security
Tags: HIPAA, Security, information, Privacy, security chapter, 2003
{ 6 comments… read them below or add one }
This is a great easy read overview of HIPAA. It guides you through the minefield of HIPAA legislation. I recommend this book. 5 stars!
The book is a great opportunity and window to a beginner that wants to successfully start a HIPAA Compliance project.
Access rights project is a challenge for many companies, especially when they need to meet regulations as HIPAA, SOX, FERC etc.
With an experience of over 60 RBAC & Identity auditing project, which some of them involved HIPAA regulations, I have gained added field value that I would like to share.
I would like to add some best practices ideas that you should consider after reading the book:
Usually, companies are trying to approach this project, using the current resources and do this project manually, without any external consultancy or experience, best practices and methodologies
By taking the manual approach, you can generate few roles, usually, the basic enterprise roles or departmental roles, but then , you will find that you need to generate many other roles, by analyzing many users, resources , access rights and working and interviewing with many business managers, a process that can take 24-48 months for an organization with 10k users.
Cleansing
1. Use smart AUDIT tools to analyze your current access rights model and advice you what access rights are suspected
2. Use compliance and policy check tools (Segregation of duty etc) to perform the cleansing
3. Use a workflow for Access-Rights Certification
Role Engineering:
Use tools that can help you creating roles by analyzing your current access right.
Run all the techniques that this tool provide and analyze the results.
Use workflow for Role Approval
Audit your roles.
Build compliance rules to validate the roles.
Role Management
Ensure that you will be able to modify and alter the roles easily
Build or use a solution that will help you to manage and maintain the roles
Roles are dynamic and will change
Role certification / re -certification
Hope it helps to the readers of this book
Ilan Sharoni
Director – Eurekify
The more detailed book HIPAA@IT Reference is splendid but this little book HIPAA@IT Essentials is definitely worth buying. This is ideal for healthcare professionals who need a quick start in the field of HIPAA.
This is a great easy read overview of HIPAA. It guides you through the minefield of HIPAA legislation. I recommend this book. 5 stars!
I”ll say it again-don’t waste your money
rel=”nofollow” and know if I ever do see a pair, it’ll be ruined, because I’ll be worrying about WPF implementation standards instead.. <grr>
You must log in to post a comment.