Cerrato, Paul,
Protecting patient information : a decision-maker's guide to risk, prevention, and damage control / [electronic resource] Paul Cerrato ; Jason Andress, technical editor. - 1 online resource
Includes index.
Includes bibliographical references and index.
Cover ; Title Page; Copyright Page; Disclaimer; Dedication; Contents; About the Author; Preface; Chapter 1 -- Dissecting a Book Title; Chapter 2 -- How Well Protected is Your Protected Health Information? Perception Versus Reality; The Cost of Insecurity is Steep; A Closer Look at Data Breach Fines; Do not ignore individual states in breach investigations; Fines are Only Part of the Problem; Factoring in the Meaningful Use Program; Calculating the Cost of Security; References; Chapter 3 -- Regulations Governing Protected Health Information; Defining the Crown Jewels. HIPAA Privacy Versus Security Rules: Related But DifferentTechnology is only part of the equation; Enforcing HIPAA Regulations; A closer look at the HIPAA Security Rule; The HIPAA Breach Notification Rule; The Role of the Federal Trade Commission; Do not forget State Laws; References; Chapter 4 -- Risk Analysis; Learning the jargon; Vulnerability; Threat Versus Risk; Compliance Versus Management; The ONC Approach to Risk Analysis and Security Management; Step 1; Step 2; Step 3; Step 4; Finding the Right Analysis Tools; Tapping the HHS Resources. Beware the "Required" Versus "Addressable" ConfusionMoving Beyond a Checklist of Security Questions; References; Chapter 5 -- Reducing the Risk of a Data Breach; Seeing the larger picture; The best mindset: guilty until proven innocent; Passwords, Policies, and Procedures; Establishing Effective Governance; Technological Solutions; Encryption; Firewalls; Antimalware/Antiviral Software; Access Control; Intrusion Detection and Intrusion Prevention Systems; Faxing Solutions; Auditing Your Computer Systems; Making Email More Secure; Establishing Physical Safeguards; Protecting Big Data. Testing Your Network SecurityCybersecurity Insurance; References; Chapter 6 -- Mobile Device Security; Thinking strategically; Covering the Basics; BYOD: Bring Your Own Disaster?; Mobile Device Management Software; The Virtues of Virtual Private Networks; Appreciating the Difference Between Http and Https; References; Chapter 7 -- Medical Device Security; How real is the threat?; Taking a closer look at the "pathology" behind medjacking; What is the FDA Doing?; Dealing with Existing Medical Device Vulnerabilities; How are medical device companies coping?; Firming up the Firmware. Are medical device manufacturers HIPAA accountable?Weighing Your Security Options; References; Chapter 8 -- Educating Medical and Administrative Staff; Culture before education; Seeing the Bigger Picture; Understanding the Psychology of Change; Managing the Training Process; What Should the Training Consist of?; References; Chapter 9 -- HIPAA, HITECH, and the Business Associate; Evaluating the Threat; Are you a Business Associate?; Formal Agreements are a Must; More Exceptions to the Rule; What Should a Business Associate Agreement Look Like?; References. Chapter 10 -- Preparing for and Coping With a Data Breach.
9780128044117 012804411X
101688820 DNLM
Medical records--Access control.
Data protection--Great Britain.
Confidential communications--Physicians.
BUSINESS & ECONOMICS--General.
Confidential communications--Physicians.
Data protection.
Medical records--Access control.
Electronic Health Records.
Computer Security.
Confidentiality.
Decision Making.
Risk.
Health Information Management--standards.
Great Britain.
Electronic books.
Electronic book.
RA976
651.504261
2016 F-929 WX 175
Protecting patient information : a decision-maker's guide to risk, prevention, and damage control / [electronic resource] Paul Cerrato ; Jason Andress, technical editor. - 1 online resource
Includes index.
Includes bibliographical references and index.
Cover ; Title Page; Copyright Page; Disclaimer; Dedication; Contents; About the Author; Preface; Chapter 1 -- Dissecting a Book Title; Chapter 2 -- How Well Protected is Your Protected Health Information? Perception Versus Reality; The Cost of Insecurity is Steep; A Closer Look at Data Breach Fines; Do not ignore individual states in breach investigations; Fines are Only Part of the Problem; Factoring in the Meaningful Use Program; Calculating the Cost of Security; References; Chapter 3 -- Regulations Governing Protected Health Information; Defining the Crown Jewels. HIPAA Privacy Versus Security Rules: Related But DifferentTechnology is only part of the equation; Enforcing HIPAA Regulations; A closer look at the HIPAA Security Rule; The HIPAA Breach Notification Rule; The Role of the Federal Trade Commission; Do not forget State Laws; References; Chapter 4 -- Risk Analysis; Learning the jargon; Vulnerability; Threat Versus Risk; Compliance Versus Management; The ONC Approach to Risk Analysis and Security Management; Step 1; Step 2; Step 3; Step 4; Finding the Right Analysis Tools; Tapping the HHS Resources. Beware the "Required" Versus "Addressable" ConfusionMoving Beyond a Checklist of Security Questions; References; Chapter 5 -- Reducing the Risk of a Data Breach; Seeing the larger picture; The best mindset: guilty until proven innocent; Passwords, Policies, and Procedures; Establishing Effective Governance; Technological Solutions; Encryption; Firewalls; Antimalware/Antiviral Software; Access Control; Intrusion Detection and Intrusion Prevention Systems; Faxing Solutions; Auditing Your Computer Systems; Making Email More Secure; Establishing Physical Safeguards; Protecting Big Data. Testing Your Network SecurityCybersecurity Insurance; References; Chapter 6 -- Mobile Device Security; Thinking strategically; Covering the Basics; BYOD: Bring Your Own Disaster?; Mobile Device Management Software; The Virtues of Virtual Private Networks; Appreciating the Difference Between Http and Https; References; Chapter 7 -- Medical Device Security; How real is the threat?; Taking a closer look at the "pathology" behind medjacking; What is the FDA Doing?; Dealing with Existing Medical Device Vulnerabilities; How are medical device companies coping?; Firming up the Firmware. Are medical device manufacturers HIPAA accountable?Weighing Your Security Options; References; Chapter 8 -- Educating Medical and Administrative Staff; Culture before education; Seeing the Bigger Picture; Understanding the Psychology of Change; Managing the Training Process; What Should the Training Consist of?; References; Chapter 9 -- HIPAA, HITECH, and the Business Associate; Evaluating the Threat; Are you a Business Associate?; Formal Agreements are a Must; More Exceptions to the Rule; What Should a Business Associate Agreement Look Like?; References. Chapter 10 -- Preparing for and Coping With a Data Breach.
9780128044117 012804411X
101688820 DNLM
Medical records--Access control.
Data protection--Great Britain.
Confidential communications--Physicians.
BUSINESS & ECONOMICS--General.
Confidential communications--Physicians.
Data protection.
Medical records--Access control.
Electronic Health Records.
Computer Security.
Confidentiality.
Decision Making.
Risk.
Health Information Management--standards.
Great Britain.
Electronic books.
Electronic book.
RA976
651.504261
2016 F-929 WX 175