SlideShare una empresa de Scribd logo

Complying with HIPAA Security Rule

Descargar como PPTX, PDF
C
complianceonline123

What is HIPAA? HIPAA: Health Insurance Portability and Accountability Act It was passed by Congress in 1996 It includes requirements for: Transfer and continuation of health insurance coverage for millions of American workers and their families when they change or lose their jobs Reducing healthcare fraud and waste The protection and confidential handling of protected health information HIPAA Security Rule Establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. Requires appropriate safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. Safeguards include: Administrative Physical Technical Administrative Safeguards HIPAA security rule requires covered entities to implement the following administrative safeguards: Security Management Process Security Personnel Information Access Management Workforce Training Evaluation Physical Safeguards The security rule requires covered entities to implement physical safeguards such as: Facility Access and Control Access can be restricted through use of access cards, biometric scanners, keys, pass codes and so on Workstation and Device Security Develop and implement policies for workstation and device security Implement unique password/user ids for each user Proper user logs and records should be maintained Technical Safeguards The security rule requires a covered entity to implement technical safeguards such as: Access Controls Audit Controls Integrity Controls Transmission Security Want to learn more about HIPAA, HIPAA Privacy and Security Rule, its requirements and best practices to comply with them? ComplianceOnline webinars and seminars are a great training resource. Check out the following links: How to examine security policies, practices, and risk issues to comply with HIPAA How to use social media and texting without breaking HIPAA rules How to Conduct risk analysis to comply with HIPAA HIPAA/HITECH Assessment for Healthcare Business Associates How to comply with HIPAA Omnibus Rule Understanding new rules and responsibilities of Privacy Officer under HIPAA HIPAA Security and Breach Rule Compliance For more details Visit us at:http://www.complianceonline.com/the-new-hipaa-audit-program-focus-webinar-training-703180-prdw?channel=ppt-slideshare

Atención sanitaria
1 de 7
Complying with HIPAA Security Rule
What is HIPAA? • HIPAA: Health Insurance Portability and Accountability Act • It was passed by Congress in 1996 • It includes requirements for: – Transfer and continuation of health insurance coverage for millions of American workers and their families when they change or lose their jobs – Reducing healthcare fraud and waste – The protection and confidential handling of protected health information
HIPAA Security Rule • Establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. • Requires appropriate safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. • Safeguards include: – Administrative – Physical – Technical
Administrative Safeguards HIPAA security rule requires covered entities to implement the following administrative safeguards: • Security Management Process • Security Personnel • Information Access Management • Workforce Training • Evaluation
Physical Safeguards The security rule requires covered entities to implement physical safeguards such as: • Facility Access and Control – Access can be restricted through use of access cards, biometric scanners, keys, pass codes and so on • Workstation and Device Security – Develop and implement policies for workstation and device security – Implement unique password/user ids for each user – Proper user logs and records should be maintained
Technical Safeguards The security rule requires a covered entity to implement technical safeguards such as: • Access Controls • Audit Controls • Integrity Controls • Transmission Security
Want to learn more about HIPAA, HIPAA Privacy and Security Rule, its requirements and best practices to comply with them? ComplianceOnline webinars and seminars are a great training resource. Check out the following links: • How to examine security policies, practices, and risk issues to comply with HIPAA • How to use social media and texting without breaking HIPAA rules • How to Conduct risk analysis to comply with HIPAA • HIPAA/HITECH Assessment for Healthcare Business Associates • How to comply with HIPAA Omnibus Rule • Understanding new rules and responsibilities of Privacy Officer under HIPAA • HIPAA Security and Breach Rule Compliance

Recomendados

Chapter 1 Law & Ethics
Chapter 1 Law & EthicsChapter 1 Law & Ethics
Chapter 1 Law & EthicsKarthikeyan Dhayalan
 
CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)Sam Bowne
 
Password policy template
Password policy templatePassword policy template
Password policy templateJayaramachandran Rajendran
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
It security-plan-template
It security-plan-templateIt security-plan-template
It security-plan-templatejbmills1634
 
ISO 27001 management clause 7 support - by software development company in india
ISO 27001 management clause 7 support - by software development company in indiaISO 27001 management clause 7 support - by software development company in india
ISO 27001 management clause 7 support - by software development company in indiaiFour Consultancy
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and CertificationControlCase
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2ShivamSharma909
 

Recomendados

Chapter 1 Law & Ethics
Chapter 1 Law & EthicsChapter 1 Law & Ethics
Chapter 1 Law & EthicsKarthikeyan Dhayalan
 
CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)Sam Bowne
 
Password policy template
Password policy templatePassword policy template
Password policy templateJayaramachandran Rajendran
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
It security-plan-template
It security-plan-templateIt security-plan-template
It security-plan-templatejbmills1634
 
ISO 27001 management clause 7 support - by software development company in india
ISO 27001 management clause 7 support - by software development company in indiaISO 27001 management clause 7 support - by software development company in india
ISO 27001 management clause 7 support - by software development company in indiaiFour Consultancy
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and CertificationControlCase
 
CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2CompTIA Security+ SY0-601 Domain 2
CompTIA Security+ SY0-601 Domain 2ShivamSharma909
 
NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
SOC 2 and You
SOC 2 and YouSOC 2 and You
SOC 2 and YouSchellman & Company
 
CISSP - Security Assessment
CISSP - Security AssessmentCISSP - Security Assessment
CISSP - Security AssessmentKarthikeyan Dhayalan
 
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...PECB
 
Top management role to implement ISO 27001
Top management role to implement ISO 27001Top management role to implement ISO 27001
Top management role to implement ISO 27001PECB
 
ISO/IEC 27001:2013
ISO/IEC 27001:2013ISO/IEC 27001:2013
ISO/IEC 27001:2013Ramiro Cid
 
ISMS Awareness IT Staff
ISMS Awareness IT StaffISMS Awareness IT Staff
ISMS Awareness IT StaffTooba Khaliq
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013scttmcvy
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureKarthikeyan Dhayalan
 
GDPR RACI.pdf
GDPR RACI.pdfGDPR RACI.pdf
GDPR RACI.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Indice Syntec (presented by opase)
Indice Syntec (presented by opase)Indice Syntec (presented by opase)
Indice Syntec (presented by opase)opase
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMSBusiness Beam
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001PECB
 
CISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset SecurityCISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset SecurityKarthikeyan Dhayalan
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS ComplianceSaumya Vishnoi
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1Tanmay Shinde
 
CISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and TestingCISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and TestingSam Bowne
 
Database security
Database securityDatabase security
Database securityMurchana Borah
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness TrainingDr Madhu Aman Sharma
 
NIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapNIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapWAJAHAT IQBAL
 
Hipaa hitech requirements
Hipaa hitech requirementsHipaa hitech requirements
Hipaa hitech requirementsDQS Inc.
 
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible
 

Más contenido relacionado

La actualidad más candente

NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA
 
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...PECB
 
Top management role to implement ISO 27001
Top management role to implement ISO 27001Top management role to implement ISO 27001
Top management role to implement ISO 27001PECB
 
ISO/IEC 27001:2013
ISO/IEC 27001:2013ISO/IEC 27001:2013
ISO/IEC 27001:2013Ramiro Cid
 
ISMS Awareness IT Staff
ISMS Awareness IT StaffISMS Awareness IT Staff
ISMS Awareness IT StaffTooba Khaliq
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013scttmcvy
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureKarthikeyan Dhayalan
 
Indice Syntec (presented by opase)
Indice Syntec (presented by opase)Indice Syntec (presented by opase)
Indice Syntec (presented by opase)opase
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMSBusiness Beam
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001PECB
 
CISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset SecurityCISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset SecurityKarthikeyan Dhayalan
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1Tanmay Shinde
 
CISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and TestingCISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and TestingSam Bowne
 
NIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapNIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapWAJAHAT IQBAL
 

La actualidad más candente (20)

NQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation GuideNQA ISO 27001 Implementation Guide
NQA ISO 27001 Implementation Guide
 
SOC 2 and You
SOC 2 and YouSOC 2 and You
SOC 2 and You
 
CISSP - Security Assessment
CISSP - Security AssessmentCISSP - Security Assessment
CISSP - Security Assessment
 
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
Best Practices for Access Reviews - How to Reduce Risks and Improve Operation...
 
Top management role to implement ISO 27001
Top management role to implement ISO 27001Top management role to implement ISO 27001
Top management role to implement ISO 27001
 
ISO/IEC 27001:2013
ISO/IEC 27001:2013ISO/IEC 27001:2013
ISO/IEC 27001:2013
 
ISMS Awareness IT Staff
ISMS Awareness IT StaffISMS Awareness IT Staff
ISMS Awareness IT Staff
 
Implementing ISO27001 2013
Implementing ISO27001 2013Implementing ISO27001 2013
Implementing ISO27001 2013
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architecture
 
GDPR RACI.pdf
GDPR RACI.pdfGDPR RACI.pdf
GDPR RACI.pdf
 
Indice Syntec (presented by opase)
Indice Syntec (presented by opase)Indice Syntec (presented by opase)
Indice Syntec (presented by opase)
 
What is ISO 27001 ISMS
What is ISO 27001 ISMSWhat is ISO 27001 ISMS
What is ISO 27001 ISMS
 
Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001Best Practices in Auditing ISO/IEC 27001
Best Practices in Auditing ISO/IEC 27001
 
CISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset SecurityCISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset Security
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS Compliance
 
ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1ISO 27001 - information security user awareness training presentation - Part 1
ISO 27001 - information security user awareness training presentation - Part 1
 
CISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and TestingCISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and Testing
 
Database security
Database securityDatabase security
Database security
 
27001 awareness Training
27001 awareness Training27001 awareness Training
27001 awareness Training
 
NIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapNIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmap
 

Destacado

Hipaa hitech requirements
Hipaa hitech requirementsHipaa hitech requirements
Hipaa hitech requirementsDQS Inc.
 
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible
 
Assessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceAssessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceHostway|HOSTING
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slidesprojectwinner
 
Data Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationData Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationMike Nowakowski
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemSecurityMetrics
 
Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry MetricStream Inc
 
Your Cause Employee Philanthropy Program
Your Cause Employee Philanthropy ProgramYour Cause Employee Philanthropy Program
Your Cause Employee Philanthropy Programkbuckland
 
I 9 compliance- how to avoid errors
I 9 compliance- how to avoid errorsI 9 compliance- how to avoid errors
I 9 compliance- how to avoid errorscomplianceonline123
 
Xoriant - Financial services expertise
Xoriant - Financial services expertiseXoriant - Financial services expertise
Xoriant - Financial services expertiseXoriant Corporation
 
Progressive-2Q 07 QSR
Progressive-2Q 07 QSRProgressive-2Q 07 QSR
Progressive-2Q 07 QSRfinance18
 
The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...
The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...
The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...Enterprise Technology Management (ETM)
 
ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015
ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015
ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015Craig Taggart MBA
 
ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...
ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...
ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...ComplianceOnline
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk managementMetricStream Inc
 

Destacado (16)

Hipaa hitech requirements
Hipaa hitech requirementsHipaa hitech requirements
Hipaa hitech requirements
 
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloudAptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
Aptible, AWS, and Telepharm: Architecting HIPAA compliance for the cloud
 
Assessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA ComplianceAssessing Your Hosting Environment for HIPAA Compliance
Assessing Your Hosting Environment for HIPAA Compliance
 
HIPAA Safeguard Slides
HIPAA Safeguard SlidesHIPAA Safeguard Slides
HIPAA Safeguard Slides
 
Data Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-IdentificationData Privacy: Anonymization & Re-Identification
Data Privacy: Anonymization & Re-Identification
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your Problem
 
Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry Powering SOX, NERC, FERC Compliance -Energy Industry
Powering SOX, NERC, FERC Compliance -Energy Industry
 
Red Flags of Money Laundering
Red Flags of Money LaunderingRed Flags of Money Laundering
Red Flags of Money Laundering
 
Your Cause Employee Philanthropy Program
Your Cause Employee Philanthropy ProgramYour Cause Employee Philanthropy Program
Your Cause Employee Philanthropy Program
 
I 9 compliance- how to avoid errors
I 9 compliance- how to avoid errorsI 9 compliance- how to avoid errors
I 9 compliance- how to avoid errors
 
Xoriant - Financial services expertise
Xoriant - Financial services expertiseXoriant - Financial services expertise
Xoriant - Financial services expertise
 
Progressive-2Q 07 QSR
Progressive-2Q 07 QSRProgressive-2Q 07 QSR
Progressive-2Q 07 QSR
 
The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...
The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...
The Unexpected Benefits of a Unified Approach to Governance, Risk, and Compli...
 
ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015
ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015
ComplianceOnline PPT Format 2015 SEC’s New Whistleblower Rules 5.12.2015
 
ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...
ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...
ComplianceOnline Virtual Seminar - IFRS and Effective Fraud Prevention Strate...
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
 

Similar a Complying with HIPAA Security Rule

HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for DevelopersTrueVault
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMBMeHealthCareSolutions
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesCMDLMS
 
HIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician PracticesHIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician PracticesCole Libby
 
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...Michigan Primary Care Association
 
Confidentiality in the healthcare system
Confidentiality in the healthcare systemConfidentiality in the healthcare system
Confidentiality in the healthcare systempfor2012
 
HIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and GuidelinesHIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and GuidelinesConference Panel
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightScale
 
Healthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUSTHealthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUSTControlCase
 
HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceJay Hodes
 

Similar a Complying with HIPAA Security Rule (20)

HIPAA Compliance for Developers
HIPAA Compliance for DevelopersHIPAA Compliance for Developers
HIPAA Compliance for Developers
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk Assessment
 
Agiliance Wp Hipaa
Agiliance Wp HipaaAgiliance Wp Hipaa
Agiliance Wp Hipaa
 
Agiliance HIPAA Whitepaper
Agiliance HIPAA WhitepaperAgiliance HIPAA Whitepaper
Agiliance HIPAA Whitepaper
 
Comp8 unit6a lecture_slides
Comp8 unit6a lecture_slidesComp8 unit6a lecture_slides
Comp8 unit6a lecture_slides
 
Hi103 week 5 chpt 12
Hi103 week 5 chpt 12Hi103 week 5 chpt 12
Hi103 week 5 chpt 12
 
Hm300 week 7 part 2 of 2
Hm300 week 7 part 2 of 2Hm300 week 7 part 2 of 2
Hm300 week 7 part 2 of 2
 
Hm300 week 7 part 2 of 2
Hm300 week 7 part 2 of 2Hm300 week 7 part 2 of 2
Hm300 week 7 part 2 of 2
 
HIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician PracticesHIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician Practices
 
HM480 Ab103318 ch11
HM480 Ab103318 ch11HM480 Ab103318 ch11
HM480 Ab103318 ch11
 
HIPAA
HIPAAHIPAA
HIPAA
 
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
MPCA HIPAA Compliance/Meaningful Use Requirements and Security Risk Assessmen...
 
Confidentiality in the healthcare system
Confidentiality in the healthcare systemConfidentiality in the healthcare system
Confidentiality in the healthcare system
 
3 02
3 023 02
3 02
 
HIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and GuidelinesHIPAA and Patient Access of Information - New Rules and Guidelines
HIPAA and Patient Access of Information - New Rules and Guidelines
 
HIPAA omnibus rule update
HIPAA omnibus rule updateHIPAA omnibus rule update
HIPAA omnibus rule update
 
Rightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloudRightscale webinar-hipaa-public-cloud
Rightscale webinar-hipaa-public-cloud
 
Chapter 9
Chapter 9Chapter 9
Chapter 9
 
Healthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUSTHealthcare Compliance: HIPAA and HITRUST
Healthcare Compliance: HIPAA and HITRUST
 
HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of Compliance
 

Más de complianceonline123

Fda adverse event reporting requirements for otc drugs
Fda adverse event reporting requirements for otc drugsFda adverse event reporting requirements for otc drugs
Fda adverse event reporting requirements for otc drugscomplianceonline123
 
Social media risks rules policies procedures
Social media risks rules policies proceduresSocial media risks rules policies procedures
Social media risks rules policies procedurescomplianceonline123
 
Excel spreadsheets how to ensure 21 cfr part 11 compliance
Excel spreadsheets how to ensure 21 cfr part 11 complianceExcel spreadsheets how to ensure 21 cfr part 11 compliance
Excel spreadsheets how to ensure 21 cfr part 11 compliancecomplianceonline123
 
Out in the open protecting your privacy in the digital age
Out in the open protecting your privacy in the digital ageOut in the open protecting your privacy in the digital age
Out in the open protecting your privacy in the digital agecomplianceonline123
 
Reaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s Potential
Reaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s PotentialReaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s Potential
Reaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s Potentialcomplianceonline123
 
Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit complianceonline123
 
Aml non bank finanacial institutions
Aml non bank finanacial institutionsAml non bank finanacial institutions
Aml non bank finanacial institutionscomplianceonline123
 
Gdp how to manage documentation lifecycle
Gdp how to manage documentation lifecycleGdp how to manage documentation lifecycle
Gdp how to manage documentation lifecyclecomplianceonline123
 

Más de complianceonline123 (20)

Fda adverse event reporting requirements for otc drugs
Fda adverse event reporting requirements for otc drugsFda adverse event reporting requirements for otc drugs
Fda adverse event reporting requirements for otc drugs
 
Social media risks rules policies procedures
Social media risks rules policies proceduresSocial media risks rules policies procedures
Social media risks rules policies procedures
 
Fmla ada overlap
Fmla ada overlapFmla ada overlap
Fmla ada overlap
 
Hipaa enforcement examples
Hipaa enforcement examplesHipaa enforcement examples
Hipaa enforcement examples
 
Excel spreadsheets how to ensure 21 cfr part 11 compliance
Excel spreadsheets how to ensure 21 cfr part 11 complianceExcel spreadsheets how to ensure 21 cfr part 11 compliance
Excel spreadsheets how to ensure 21 cfr part 11 compliance
 
Retail loss
Retail lossRetail loss
Retail loss
 
Hipaa privacy rule
Hipaa privacy ruleHipaa privacy rule
Hipaa privacy rule
 
Fda warning letters
Fda warning lettersFda warning letters
Fda warning letters
 
Dietary supplement
Dietary supplementDietary supplement
Dietary supplement
 
Out in the open protecting your privacy in the digital age
Out in the open protecting your privacy in the digital ageOut in the open protecting your privacy in the digital age
Out in the open protecting your privacy in the digital age
 
Reaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s Potential
Reaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s PotentialReaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s Potential
Reaching Clean Power Plan Goals at No Cost: Securing the Smart Grid’s Potential
 
Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit Audit Process: How to Successfully Plan Audit
Audit Process: How to Successfully Plan Audit
 
Basics of internal audit
Basics of internal auditBasics of internal audit
Basics of internal audit
 
Free trade zones
Free trade zonesFree trade zones
Free trade zones
 
Sec what you need to know
Sec what you need to knowSec what you need to know
Sec what you need to know
 
Auditing your grc programs
Auditing your grc programsAuditing your grc programs
Auditing your grc programs
 
Aml non bank finanacial institutions
Aml non bank finanacial institutionsAml non bank finanacial institutions
Aml non bank finanacial institutions
 
Gdp how to manage documentation lifecycle
Gdp how to manage documentation lifecycleGdp how to manage documentation lifecycle
Gdp how to manage documentation lifecycle
 
Workplace harrasment
Workplace harrasmentWorkplace harrasment
Workplace harrasment
 
Good documentation practices
Good documentation practicesGood documentation practices
Good documentation practices
 

Último

Single Assessment Framework - What We Know So Far
Single Assessment Framework - What We Know So FarSingle Assessment Framework - What We Know So Far
Single Assessment Framework - What We Know So FarCareLineLive
 
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service GoaRussian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goanarwatsonia7
 
Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...
Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...
Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...narwatsonia7
 
2025 Inpatient Prospective Payment System (IPPS) Proposed Rule
2025 Inpatient Prospective Payment System (IPPS) Proposed Rule2025 Inpatient Prospective Payment System (IPPS) Proposed Rule
2025 Inpatient Prospective Payment System (IPPS) Proposed RuleShelby Lewis
 
Call Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts Service
Call Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts ServiceCall Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts Service
Call Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts Servicenarwatsonia7
 
Call Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any TimeCall Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any Timedelhimodelshub1
 
Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...
Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...
Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...High Profile Call Girls Chandigarh Aarushi
 
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...High Profile Call Girls Chandigarh Aarushi
 
Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...
Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...
Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...scanFOAM
 
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...ggsonu500
 
Hi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbers
Hi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbersHi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbers
Hi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbersnarwatsonia7
 
Kukatpally Call Girls Services 9907093804 High Class Babes Here Call Now
Kukatpally Call Girls Services 9907093804 High Class Babes Here Call NowKukatpally Call Girls Services 9907093804 High Class Babes Here Call Now
Kukatpally Call Girls Services 9907093804 High Class Babes Here Call NowHyderabad Call Girls Services
 
Call Girls Uppal 7001305949 all area service COD available Any Time
Call Girls Uppal 7001305949 all area service COD available Any TimeCall Girls Uppal 7001305949 all area service COD available Any Time
Call Girls Uppal 7001305949 all area service COD available Any Timedelhimodelshub1
 
Call Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any TimeCall Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any Timedelhimodelshub1
 
Basics of Anatomy- Language of Anatomy.pptx
Basics of Anatomy- Language of Anatomy.pptxBasics of Anatomy- Language of Anatomy.pptx
Basics of Anatomy- Language of Anatomy.pptxAyush Gupta
 
EMS and Extrication: Coordinating Critical Care
EMS and Extrication: Coordinating Critical CareEMS and Extrication: Coordinating Critical Care
EMS and Extrication: Coordinating Critical CareRommie Duckworth
 

Último (20)

Single Assessment Framework - What We Know So Far
Single Assessment Framework - What We Know So FarSingle Assessment Framework - What We Know So Far
Single Assessment Framework - What We Know So Far
 
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service GoaRussian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
 
Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...
Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...
Call Girls Service Bommasandra - Call 7001305949 Rs-3500 with A/C Room Cash o...
 
Russian Call Girls South Delhi 9711199171 discount on your booking
Russian Call Girls South Delhi 9711199171 discount on your bookingRussian Call Girls South Delhi 9711199171 discount on your booking
Russian Call Girls South Delhi 9711199171 discount on your booking
 
2025 Inpatient Prospective Payment System (IPPS) Proposed Rule
2025 Inpatient Prospective Payment System (IPPS) Proposed Rule2025 Inpatient Prospective Payment System (IPPS) Proposed Rule
2025 Inpatient Prospective Payment System (IPPS) Proposed Rule
 
Call Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts Service
Call Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts ServiceCall Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts Service
Call Girl Service ITPL - [ Cash on Delivery ] Contact 7001305949 Escorts Service
 
Call Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any TimeCall Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any Time
 
Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...
Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...
Call Girl Chandigarh Mallika ❤️🍑 9907093804 👄🫦 Independent Escort Service Cha...
 
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
 
Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...
Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...
Experience learning - lessons from 25 years of ATACC - Mark Forrest and Halde...
 
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
 
Hi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbers
Hi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbersHi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbers
Hi,Fi Call Girl In Marathahalli - 7001305949 with real photos and phone numbers
 
VIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service Lucknow
VIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service LucknowVIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service Lucknow
VIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service Lucknow
 
Kukatpally Call Girls Services 9907093804 High Class Babes Here Call Now
Kukatpally Call Girls Services 9907093804 High Class Babes Here Call NowKukatpally Call Girls Services 9907093804 High Class Babes Here Call Now
Kukatpally Call Girls Services 9907093804 High Class Babes Here Call Now
 
Call Girl Dehradun Aashi 🔝 7001305949 🔝 💃 Independent Escort Service Dehradun
Call Girl Dehradun Aashi 🔝 7001305949 🔝 💃 Independent Escort Service DehradunCall Girl Dehradun Aashi 🔝 7001305949 🔝 💃 Independent Escort Service Dehradun
Call Girl Dehradun Aashi 🔝 7001305949 🔝 💃 Independent Escort Service Dehradun
 
Call Girls Uppal 7001305949 all area service COD available Any Time
Call Girls Uppal 7001305949 all area service COD available Any TimeCall Girls Uppal 7001305949 all area service COD available Any Time
Call Girls Uppal 7001305949 all area service COD available Any Time
 
Call Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any TimeCall Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any Time
 
Call Girls in Lucknow Esha 🔝 8923113531 🔝 🎶 Independent Escort Service Lucknow
Call Girls in Lucknow Esha 🔝 8923113531 🔝 🎶 Independent Escort Service LucknowCall Girls in Lucknow Esha 🔝 8923113531 🔝 🎶 Independent Escort Service Lucknow
Call Girls in Lucknow Esha 🔝 8923113531 🔝 🎶 Independent Escort Service Lucknow
 
Basics of Anatomy- Language of Anatomy.pptx
Basics of Anatomy- Language of Anatomy.pptxBasics of Anatomy- Language of Anatomy.pptx
Basics of Anatomy- Language of Anatomy.pptx
 
EMS and Extrication: Coordinating Critical Care
EMS and Extrication: Coordinating Critical CareEMS and Extrication: Coordinating Critical Care
EMS and Extrication: Coordinating Critical Care
 

Complying with HIPAA Security Rule

  • 1. Complying with HIPAA Security Rule
  • 2. What is HIPAA? • HIPAA: Health Insurance Portability and Accountability Act • It was passed by Congress in 1996 • It includes requirements for: – Transfer and continuation of health insurance coverage for millions of American workers and their families when they change or lose their jobs – Reducing healthcare fraud and waste – The protection and confidential handling of protected health information
  • 3. HIPAA Security Rule • Establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. • Requires appropriate safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. • Safeguards include: – Administrative – Physical – Technical
  • 4. Administrative Safeguards HIPAA security rule requires covered entities to implement the following administrative safeguards: • Security Management Process • Security Personnel • Information Access Management • Workforce Training • Evaluation
  • 5. Physical Safeguards The security rule requires covered entities to implement physical safeguards such as: • Facility Access and Control – Access can be restricted through use of access cards, biometric scanners, keys, pass codes and so on • Workstation and Device Security – Develop and implement policies for workstation and device security – Implement unique password/user ids for each user – Proper user logs and records should be maintained
  • 6. Technical Safeguards The security rule requires a covered entity to implement technical safeguards such as: • Access Controls • Audit Controls • Integrity Controls • Transmission Security
  • 7. Want to learn more about HIPAA, HIPAA Privacy and Security Rule, its requirements and best practices to comply with them? ComplianceOnline webinars and seminars are a great training resource. Check out the following links: • How to examine security policies, practices, and risk issues to comply with HIPAA • How to use social media and texting without breaking HIPAA rules • How to Conduct risk analysis to comply with HIPAA • HIPAA/HITECH Assessment for Healthcare Business Associates • How to comply with HIPAA Omnibus Rule • Understanding new rules and responsibilities of Privacy Officer under HIPAA • HIPAA Security and Breach Rule Compliance