It is very strange that when you look around you can find many, many training courses and seminars on HIPAA. From a providing information point of view, the market is well provided for. Yet walk into you local doctor’s office or local hopsital, and ask a few basic questions and blam, they don’t know HIPAA [Click to Read more...]
|
||||||
|
Previous steps Step 3 : Risk Assessment Now we need to consider the threats, both actual and perceived. Identify and discuss them, then list cost-effective solutions. In the solutions identify what is needed and possible methods to implement the solution. After all threats have been identified you might find a single solution that will address more than [Click to Read more...] One question I love asking coverd entities, “What and when was the latest change made to HIPAA?” I ask this for two reasons, One: to see what they know and how up to date they are, and Two: because HIPAA always changes. In a previous post I have already indicated the change in 2008 from [Click to Read more...] HIPAA audits are just like any audit or project they require the proper steps. Step 1 : Project Planning The planning and scoping of a project is often one of the hardest parts of project management. Audits, like a HIPAA audit, are a targeted project with findings or shortcomings as their project deliverables. If the audit scope [Click to Read more...] Most Security regulations like HIPAA, SOX, GLBA and PCI (which is an industry standard Not a regulation), all call for a risk analysis audit. To many this is an unknown or difficult process, so I thought I would present the common goals for a Risk-based Analysis Audit GOAL 1: The network defined We need to [Click to Read more...] For most medical practitioners the full concept of Disaster Recovery Planning (DRP) is sadly not fully understood. This often comes from a very weak approach to Risk Management, since the two concepts are very interrelated. [ By the way: HIPAA does calls for both, Disaster Recovery Plan see 164.308(a)(7)(ii)(B) and Risk Management see 164.308(a)(1)(ii)(B) ] So [Click to Read more...] Complaint Driven Vs. Audit Driven In October 2008 OIG (Office of Inspector General) conducted an audit of CMS (Centers for Medicare & Medicaid Services) regarding their oversight of HIPAA. Read the link for more information it is well worthwhile, though for many the impact may be subdued in auditees (auditor speak or lingo). My summary of the [Click to Read more...] HIPAA: The Compliance you either Love or hate Posted: August 30th 2007 Of all the Compliance regulations, HIPAA stands out from the rest. The medical industry, run from it and hate to even hear/read about it. |
How important is HIPAA to your organization?
Total Voters: 0  Loading ... |
|||||
|
Copyright © 2010 ISSCP Security Blog - All Rights Reserved |
||||||
