HIPAA is very complex. So are the privacy and security initiatives that must occur to reach and maintain HIPAA compliance. Organizations need a quick, concise reference in order to meet HIPAA requirements and maintain ongoing compliance. The Practical Guide to HIPAA Privacy and Security Compliance is a one-stop resource for real-world HIPAA

Following in the footsteps of its bestselling predecessor, The Practical Guide to HIPAA Privacy and Security Compliance, Second Edition is a one-stop, up-to-date resource on Health Insurance Portability and Accountability Act (HIPAA) privacy and security, including details on the HITECH Act, the 2013 Omnibus Rule, and the pending rules. Updated and revised with several new sections, this edition defines what HIPAA is, what it requires, and what you need to do to achieve compliance. The book provides an easy-to-understand overview of HIPAA privacy and security rules and compliance tasks. Supplying authoritative insights into real-world HIPAA privacy and security issues, it summarizes the analysis, training, and technology needed to properly plan and implement privacy and security policies, training, and an overall program to manage information risks. Instead of focusing on technical jargon, the book spells out what your organization must do to achieve and maintain compliance requirements on an ongoing basis.

Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page, 4 volume stand-alone reference is organized under the C

Since 1993, the Information Security Management Handbook has served not only as an everyday reference for information security practitioners but also as an important document for conducting the intense review necessary to prepare for the Certified Information System Security Professional (CISSP) examination. Now completely revised and updated and i

Edited by experts, this book brings together the collective experience of trail blazers. A glance through the contents demonstrates the breadth and depth of coverage, not only in topics included but also in expertise provided by the chapter authors. They are the pioneers, who, while initially making it up as they went along, now provide the next generation a guide to success. This is not a how-to book or a collection of technical data, it does not cover products or technology or provide a recapitulation of the common body of knowledge. Capturing years of hard knocks, success stories, and yes, failures, it delineates information needed and includes from-the-trenches advice on how to have a successful career in this field.

Protecting Patient Information: A Decision-Maker's Guide to Risk, Prevention, and Damage Control provides the concrete steps needed to tighten the information security of any healthcare IT system and reduce the risk of exposing patient health information (PHI) to the public. The book offers a systematic, 3-pronged approach for addressing the IT security deficits present in healthcare organizations of all sizes. Healthcare decision-makers are shown how to conduct an in-depth analysis of their organization's information risk level. After this assessment is complete, the book offers specific measures for lowering the risk of a data breach, taking into account federal and state regulations governing the use of patient data. Finally, the book outlines the steps necessary when an organization experiences a data breach, even when it has taken all the right precautions. - Written for physicians, nurses, healthcare executives, and business associates who need to safeguard patient health information - Shows how to put in place the information security measures needed to reduce the threat of data breach - Teaches physicians that run small practices how to protect their patient's data - Demonstrates to decision-makers of large and small healthcare organizations the urgency of investing in cybersecurity

Key Advances in Clinical Informatics: Transforming Health Care through Health Information Technology provides a state-of-the-art overview of the most current subjects in clinical informatics. Leading international authorities write short, accessible, well-referenced chapters which bring readers up-to-date with key developments and likely future advances in the relevant subject areas. This book encompasses topics such as inpatient and outpatient clinical information systems, clinical decision support systems, health information technology, genomics, mobile health, telehealth and cloud-based computing. Additionally, it discusses privacy, confidentiality and security required for health data. Edited by internationally recognized authorities in the field of clinical informatics, the book is a valuable resource for medical/nursing students, clinical informaticists, clinicians in training, practicing clinicians and allied health professionals with an interest in health informatics. - Presents a state-of-the-art overview of the most current subjects in clinical informatics. - Provides summary boxes of key points at the beginning of each chapter to impart relevant messages in an easily digestible fashion - Includes internationally acclaimed experts contributing to chapters in one accessible text - Explains and illustrates through international case studies to show how the evidence presented is applied in a real world setting

Health informatics is the discipline concerned with the management of healthcare data and information through the application of computers and other information technologies. The field focuses more on identifying and applying information in the healthcare field and less on the technology involved. Our goal is to stimulate and educate healthcare and IT professionals and students about the key topics in this rapidly changing field. This seventh edition reflects the current knowledge in the topics listed below and provides learning objectives, key points, case studies and extensive references. Available as a paperback and eBook. Visit the textbook companion website at http://informaticseducation.org for more information.--Page 4 de la couverture.

Develop and implement an effective end-to-end security program Today’s complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape. Thoroughly revised and expanded to cover all aspects of modern information security—from concepts to details—this edition provides a one-stop reference equally applicable to the beginner and the seasoned professional. Find out how to build a holistic security program based on proven methodology, risk analysis, compliance, and business needs. You’ll learn how to successfully protect data, networks, computers, and applications. In-depth chapters cover data protection, encryption, information rights management, network security, intrusion detection and prevention, Unix and Windows security, virtual and cloud security, secure application development, disaster recovery, forensics, and real-world attacks and countermeasures. Included is an extensive security glossary, as well as standards-based references. This is a great resource for professionals and students alike. Understand security concepts and building blocks Identify vulnerabilities and mitigate risk Optimize authentication and authorization Use IRM and encryption to protect unstructured data Defend storage devices, databases, and software Protect network routers, switches, and firewalls Secure VPN, wireless, VoIP, and PBX infrastructure Design intrusion detection and prevention systems Develop secure Windows, Java, and mobile applications Perform incident response and forensic analysis

Presenting an in-depth perspective of the ISO/IEC 17799 Information Security Standard, this book provides a detailed analysis of how to effectively measure an information security program using this standard. It includes a qualitative-based risk assessment methodology and describes a quantitative measurement framework that organizations can adopt and implement within the risk assessment process, allowing firms to customize practices to their own needs. This text also includes a comprehensive gap analysis of the recently rescinded standard against the newly released version, making the transition to the new standard much easier for organizations and practitioners.