Information Security and Privacy Compliance Work Plan by Rebecca Herold, The Privacy Professor
The following is a high-level work plan for creating an information security and privacy program that complies with HIPAA, HITECH and other regulatory and contractual requirements. The areas listed will vary depending upon the organization’s business model, size, number of geographic locations, other applicable legal requirements, and any other unique factors. Each organization should use this as a starting point and adapt it to its own unique business situation.
Have You Conducted a Security Risk Analysis under 45 CFR 164.308(a)(1) (HIPAA Security Rule)?
If you want to qualify for "meaningful use", you have to be compliant with HIPAA HITECH; specifically, you must do a risk analysis under 45 CFR 164.308(a)(1) (HIPAA Security Rule).
David Blumenthal Emphasizes Privacy and Security in HITECH Act
As healthcare organizations ponder "meaningful use", they also need to remember "willful neglect". David Blumenthal, in his New England Journal of Medicine article, emphasized protecting privacy and security as a key factor in the HITECH Act.
HITECH Act Webinar February 10th
At our HITECH Act Webinar on February 10th, Rebecca Herold, CISM, CISSP, CISA, CIPP, FLMI, one of the top privacy and information security experts, and Amy Leopard, Esq., a leading healthcare IT attorney, give you the complete picture of the HITECH Act, its impact, and what to do next. Space is limited. Reserve your Webinar seat now at: https://www2.gotomeeting.com/register/207314795
HIPAA HITECH Compliance is an Ongoing Process
HIPAA HITECH compliance requires an ongoing process driven by policies and procedures, which are the business rules by which you run your company.
There's No Such Thing as a HITECH-Compliant Tool
ONC states that having a certified EHR does not necessarily mean that you have met the privacy and information security requirements of the HITECH Act. Compliance is a process, not a tool.
