Following in the footsteps of its bestselling predecessor, The Practical Guide to HIPAA Privacy and Security Compliance, Second Edition is a one-stop, up-to-date resource on Health Insurance Portability and Accountability Act (HIPAA) privacy and security, including details on the HITECH Act, the 2013 Omnibus Rule, and the pending rules. Updated and revised with several new sections, this edition defines what HIPAA is, what it requires, and what you need to do to achieve compliance.
The book provides an easy-to-understand overview of HIPAA privacy and security rules and compliance tasks. Supplying authoritative insights into real-world HIPAA privacy and security issues, it summarizes the analysis, training, and technology needed to properly plan and implement privacy and security policies, training, and an overall program to manage information risks. Instead of focusing on technical jargon, the book spells out what your organization must do to achieve and maintain compliance requirements on an ongoing basis.
Chapter 1: Introduction to HIPAA
Chapter 2: Related Regulations, Laws, Standards, and Guidance
Chapter 3: Preparing for HIPAA, HITECH, and Other Compliance Changes
Chapter 4: HIPAA Cost Considerations
Chapter 5: Relationship between Security and Privacy
Chapter 6: HIPAA Privacy Rule Requirements Overview
Chapter 7: Performing a Privacy Rule Gap Analysis and Risk Analysis
Chapter 8: Writing Effective Privacy Policies
Chapter 9: State Preemption
Chapter 10: Crafting a Privacy Implementation Plan
Chapter 11: Privacy Rule Compliance Checklist
Chapter 12: Security Rule Requirements Overview
Chapter 13: Performing a Security Rule Risk Analysis
Chapter 14: Writing Effective Information Security Policies
Chapter 15: Crafting a Security Implementation Plan
Chapter 16: Security Rule Compliance Checklist
Chapter 17: Health Care Provider Issues
Chapter 18: Health Care Clearinghouse Issues
Chapter 19: Health Plan Issues
Chapter 20: Employer Issues
Chapter 21: Business Associate Issues
Chapter 22: Building a HIPAA-Compliant Technology Infrastructure
Chapter 23: Crafting Security Incident Procedures and Contingency Plans
Chapter 24: Outsourcing Information Technology Services
Chapter 25: HIPAA Training, Education, and Awareness
Chapter 26: Performing Ongoing HIPAA Compliance Reviews and Audits
Appendix A: Enforcement and Sanctions
Appendix B: HIPAA Glossary
Appendix C: Model Incident and Privacy Response Procedures
Appendix D: HIPAA Resources
