وبلاگ بلیان

Healthcare information privacy and security : regulatory compliance and data security in the age of electronic health records

معرفی کتاب «Healthcare information privacy and security : regulatory compliance and data security in the age of electronic health records» نوشتهٔ Bernard Peter Robichau، منتشرشده توسط نشر Apress : Imprint: Apress در سال 2014. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

This book outlines the new regulatory regime, and provides IT professionals with the processes and protocols, standards, and governance tools they need to maintain a secure and legal environment for data and records. Topics covered include : identity and access management systems; proper application design; physical and environmental safeguards; systemwide and client-based security configurations; safeguards for patient data; training and auditing procedures; governance and policy administration; the basics of HITECH, HIPAA, and other federal laws driving change in healthcare IT; how to identify the core issues of privacy and security in a healthcare environment; the steps required to develop and execute a security project plan; the technologies and tools available to aid in the process of deploying a secure EHR system; the core regulatory issues and practical matters of security in a healthcare environment; the frameworks and methodology that will assist in tackling the issues of privacy and security; and the technologies impacted by matters of privacy and security along with proposals for managing them effectively. This book is for healthcare professionals who work in information technology, information security, health information management, as well as in the more specialized areas of privacy, compliance, and informatics. The book is also useful for consultants working in the field of information security, EMR vendors, and technology professionals seeking to make an entry into the world of healthcare IT Healthcare IT is the growth industry right now, and the need for guidance in regard to privacy and security is huge. Why? With new federal incentives and penalties tied to the HITECH Act, HIPAA, and the implementation of Electronic Health Record (EHR) systems, medical practices and healthcare systems are implementing new software at breakneck speed. Yet privacy and security considerations are often an afterthought, putting healthcare organizations at risk of fines and damage to their reputations. __Healthcare Information Privacy and Security: Regulatory Compliance and Data Security in the Age of Electronic Health Records__ outlines the new regulatory regime, and it also provides IT professionals with the processes and protocols, standards, and governance tools they need to maintain a secure and legal environment for data and records. It’s a concrete resource that will help you understand the issues affecting the law and regulatory compliance, privacy, and security in the enterprise. As healthcare IT security expert Bernard Peter Robichau II shows, the success of a privacy and security initiative lies not just in proper planning but also in identifying who will own the implementation and maintain technologies and processes. From executive sponsors to system analysts and administrators, a properly designed security program requires that that the right people are assigned to the right tasks and have the tools they need. Robichau explains how to design and implement that program with an eye toward long-term success. Putting processes and systems in place is, of course, only the start. Robichau also shows how to manage your security program and maintain operational support including ongoing maintenance and policy updates. (Because regulations never sleep!) This book will help you devise solutions that include: * Identity and access management systems * Proper application design * Physical and environmental safeguards * Systemwide and client-based security configurations * Safeguards for patient data * Training and auditing procedures * Governance and policy administration __Healthcare Information Privacy and Security__ is the definitive guide to help you through the process of maintaining privacy and security in the healthcare industry. It will help you keep health information safe, and it will help keep your organization—whether local clinic or major hospital system—on the right side of the law. What you’ll learn* The basics of HITECH, HIPAA, and other federal laws driving change in healthcare IT * How to identify the core issues of privacy and security in a healthcare environment. * The steps required to develop and execute a security project plan. * The technologies and tools available to aid in the process of deploying a secure EHR system. * The core regulatory issues and practical matters of security in a healthcare environment. * The frameworks and methodology that will assist in tackling the issues of privacy and security. * The technologies impacted by matters of privacy and security along with proposals for managing them effectively. Who this book is for Healthcare professionals who work in information technology, information security, health information management, as well as in the more specialized areas of privacy, compliance, and informatics. The book is also useful for consultants working in the field of information security who require a better understanding of the challenges facing the healthcare industry, EMR Vendors who are tasked with guiding their customers through a secure implementation of their product, and technology professionals seeking to make an entry into the world of Healthcare IT. Table of ContentsChapter 1. Introduction: The Long-Awaited Manual Chapter 2. Waking the Sleeping Giant: A Brief History of Healthcare IT Chapter 3. It's Not Just HIPAA: Legislating Privacy and Security Chapter 4. Assembling the Team: Bringing the Right Human Resources to the Table Chapter 5. Sifting Through the Wreckage: The Security Audit Chapter 6. Review Your Policies and Develop a Plan: Strategies for Success Chapter 7. Identity and Access Management: Know Your User Base Chapter 8. Application Design: Maximum Efficiency or Minimum Necessary? Chapter 9. Access Validation Process Chapter 10. Physical and Environmental Safeguards: Security Beyond the Ones and Zeros Chapter 11. Systemwide and Client-Based Security Configuration: Making Sure All the Pieces Fit Together Chapter 12. Safeguarding Patient Data from Prying Eyes: Knowing Where Your PHI Resides Chapter 13. People, the Most Crucial Element: Training the Masses to Respect the System Chapter 14. Business Associates: The Human Resources Just Beyond Your Reach Chapter 15. Security Project vs. Operational Support Chapter 16. Putting the Plan in Place: Ongoing Maintenance and Life after the Security Project Appendix A. Sample Business Associate Agreement Appendix B. Sample Rules of Behavior for Privileged User Accounts Appendix C. Breach Notification Process Healthcare IT is the growth industry right now, and the need for guidance in regard to privacy and security is huge. Why? With new federal incentives and penalties tied to the HITECH Act, HIPAA, and the implementation of Electronic Health Record (EHR) systems, medical practices and healthcare systems are implementing new software at breakneck speed. Yet privacy and security considerations are often an afterthought, putting healthcare organizations at risk of fines and damage to their reputations. Healthcare Information Privacy and Security: Regulatory Compliance and Data Security in the Age of Electronic Health Records outlines the new regulatory regime, and it also provides IT professionals with the processes and protocols, standards, and governance tools they need to maintain a secure and legal environment for data and records. It’s a concrete resource that will help you understand the issues affecting the law and regulatory compliance, privacy, and security in the enterprise. As healthcare IT security expert Bernard Peter Robichau II shows, the success of a privacy and security initiative lies not just in proper planning but also in identifying who will own the implementation and maintain technologies and processes. From executive sponsors to system analysts and administrators, a properly designed security program requires that that the right people are assigned to the right tasks and have the tools they need. Robichau explains how to design and implement that program with an eye toward long-term success. Putting processes and systems in place is, of course, only the start. Robichau also shows how to manage your security program and maintain operational support including ongoing maintenance and policy updates. (Because regulations never sleep!) This book will help you devise solutions that include: Identity and access management systems Proper application design Physical and environmental safeguards Systemwide and client-based security configurations Safeguards for patient data Training and auditing procedures Governance and policy administration Healthcare Information Privacy and Security is the definitive guide to help you through the process of maintaining privacy and security in the healthcare industry. It will help you keep health information safe, and it will help keep your organization—whether local clinic or major hospital system—on the right side of the law. What you’ll learn The basics of HITECH, HIPAA, and other federal laws driving change in healthcare IT How to identify the core issues of privacy and security in a healthcare environment. The steps required to develop and execute a security project plan. The technologies and tools available to aid in the process of deploying a secure EHR system. The core regulatory issues and practical matters of security in a healthcare environment. The frameworks and methodology that will assist in tackling the issues of privacy and security. The technologies impacted by matters of privacy and security along with proposals for managing them effectively. Who this book is for Healthcare professionals who work in information technology, information security, health information management, as well as in the more specialized areas of privacy, compliance, and informatics. The book is also useful for consultants working in the field of information security who require a better understanding of the challenges facing the healthcare industry, EMR Vendors who are tasked with guiding their customers through a secure implementation of their product, and technology professionals seeking to make an entry into the world of Healthcare IT. Table of Contents Chapter 1. Introduction: The Long-Awaited Manual Chapter 2. Waking the Sleeping Giant: A Brief History of Healthcare IT Chapter 3. It's Not Just HIPAA: Legislating Privacy and Security Chapter 4. Assembling the Team: Bringing the Right Human Resources to the Table Chapter 5. Sifting Through the Wreckage: The Security Audit Chapter 6. Review Your Policies and Develop a Plan: Strategies for Success Chapter 7. Identity and Access Management: Know Your User Base Chapter 8. Application Design: Maximum Efficiency or Minimum Necessary? Chapter 9. Access Validation Process Chapter 10. Physical and Environmental Safeguards: Security Beyond the Ones and Zeros Chapter 11. Systemwide and Client-Based Security Configuration: Making Sure All the Pieces Fit Together Chapter 12. Safeguarding Patient Data from Prying Eyes: Knowing Where Your PHI Resides Chapter 13. People, the Most Crucial Element: Training the Masses to Respect the System Chapter 14. Business Associates: The Human Resources Just Beyond Your Reach Chapter 15. Security Project vs. Operational Support Chapter 16. Putting the Plan in Place: Ongoing Maintenance and Life after the Security Project Appendix A. Sample Business Associate Agreement Appendix B. Sample Rules of Behavior for Privileged User Accounts Appendix C. Breach Notification Process Title 2 Copyright 3 Apress Business 5 Dedication 6 Contents 7 Foreword 9 About the Author 11 Acknowledgments 12 Introduction 13 Chapter 1: Introduction 14 Part I: The Evolution of a Monster 19 Chapter 2: Waking the Sleeping Giant 20 Chapter 3: It's Not Just HIPAA 30 Part II: Divide and Conquer: Defining Ownership to Develop Solutions 38 Chapter 4: Assembling the Team 39 Chapter 5: Sifting through the Wreckage 47 Chapter 6: Review Your Policies and Develop a Plan 63 Part III: Sustainable Solutions 66 Chapter 7: Identity and Access Management 67 Chapter 8: Application Design 77 Chapter 9: Access Validation Process 93 Chapter 10: Physical and Environmental Safeguards 100 Chapter 11: Systemwide and Client-Based Security 106 Chapter 12: Safeguarding Patient Data from Prying Eyes 110 Part IV: From Project to Program: Transitioning to a Sustainable Support Model 116 Chapter 13: People, the Most Crucial Element 117 Chapter 14: Business Associates 120 Chapter 15: Security Project versus Operational Support 125 Chapter 16: Putting the Plan in Place 131 Part V: Appendices 134 Appendix A: Sample Business Associate Agreement 135 Appendix B: Sample Rules of Behavior for Privileged User Accounts 143 Appendix C: Breach Notification Process 145 Index 147 Other Apress Business Titles You Will Find Useful 152 Security,General Robichau delivers a practical Healthcare IT security text which discusses how to identify and access management systems; proper application design; physical and environmental safeguards; system-wide and client-based security configurations; safeguards for patient data; training and auditing procedures; and governance and policy administration Sources other than Library of Congress
دانلود کتاب Healthcare information privacy and security : regulatory compliance and data security in the age of electronic health records