HIPAA Security: The Biggest Challenge!
Presented by: Bob Perlitz, President/CEO, Healthcare IS Consultants LLC
The “Pretenders”
• 164.312 Technical Safeguards
  • (b) Standard: Audit Controls - Required
• 164.308 Administrative Safeguards
  • (a) (7) (i) Standard: Contingency Plan
    • (A) Data Backup Plan - Required
    • (B) Disaster Recovery Plan - Required
    • (C) Emergency Mode Operations Plan - Required
    • (D) Testing & Revision Procedures - Addressable
    • (E) Applications & Data Criticality - Addressable
The “Contender”: Access Controls
• 164.308 Administrative Safeguards
  • (a) (3) Workforce Security - Addressable
    • 1 Specification
  • (a) (4) Information Access Management - Addressable
    • 2 Specifications
• 164.310 Physical Safeguards
  • (a) Facility Access Controls - Addressable
    • 4 Specifications
• 164.312 Technical Safeguards
  • (a) Access Control - 2 Required and 2 Addressable
    • 4 Specifications
The “Undisputed Champ”: Security Management Process
• Risk Analysis - Required
  • Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity.
• Risk Management - Required
  • Implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level to comply with § 164.306(a).