
Download the book The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules

Book details

Edition:  
Authors:   
Series:  
ISBN: 9781466507685, 1466507683 
Publisher: Auerbach Publications 
Year of publication: 2012 
Number of pages: 463 
Language: English 
File format: PDF (converted to PDF, EPUB, or AZW3 on user request) 
File size: 5 MB 

Book price (Toman): 53,000







Book description

The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules is a comprehensive manual to ensuring compliance with the implementation standards of the Privacy and Security Rules of HIPAA and provides recommendations based on other related regulations and industry best practices. The book is designed to assist you in reviewing the accessibility of electronic protected health information (EPHI) to make certain that it is not altered or destroyed in an unauthorized manner, and that it is available as needed only by authorized individuals for authorized use. It can also help those entities that may not be covered by HIPAA regulations but want to assure their customers they are doing their due diligence to protect their personal and private information. Since HIPAA/HITECH rules generally apply to covered entities, business associates, and their subcontractors, these rules may soon become de facto standards for all companies to follow. Even if you aren’t required to comply at this time, you may soon fall within the HIPAA/HITECH purview. So, it is best to move your procedures in the right direction now. The book covers administrative, physical, and technical safeguards; organizational requirements; and policies, procedures, and documentation requirements. It provides sample documents and directions on using the policies and procedures to establish proof of compliance. This is critical to help prepare entities for a HIPAA assessment or in the event of an HHS audit. Chief information officers and security officers who master the principles in this book can be confident they have taken the proper steps to protect their clients’ information and strengthen their security posture. This can provide a strategic advantage to their organization, demonstrating to clients that they not only care about their health and well-being, but are also vigilant about protecting their clients’ privacy.



Table of contents


Content:

HIPAA/HITECH Overview
Definitions Required by Law Covered Entities Defined Covered Transactions Defined Are You a Covered Entity? Business Associates The Electronic Transactions and Code Sets Rule Overview National Provider Identifier Requirements Overview Security Rule Overview "Meaningful Use" Overview Breach Notification Rule Overview Enforcement Rule Overview Anti-Kickback Statute Patient Safety and Quality Improvement Act of 2005 (PSQIA) Consumer Privacy Bill of Rights Federal Rules of Civil Procedures

The Relevance of HIPAA/HITECH to Healthcare Organizations
Why Is Security Important? Are Healthcare Organizations Immune to Security Concerns? Suffering from Data Breaches Rise of Medical Identity Theft Internet Crimes Go Unpunished Social Engineering and HIPAA Social Engineering: What Is It? Threats in the Workplace Enforcement Activities Impediments to HIPAA/HITECH Compliance The God Complex Recommendations Critical Infrastructure Implications What the Future Holds

Compliance Overview
Interrelationship between Regulations, Policies, Standards, Procedures, and Guidelines Reasonable Safeguards Centers for Medicare and Medicaid Services Compliance Review HIPAA/HITECH Privacy and Security Audit Program The SAS 70/SSAE 16 Debate Corporate Governance

Privacy Rule Detailed
Minimum Necessary Individual Consent Permitted Uses and Disclosures Detailed Authorized Use and Disclosure Privacy Practices Notice Administrative Requirements Organizational Options Other Provisions: Personal Representatives and Minors State Laws Enforcement Compliance Dates

The Electronic Transactions and Code Set Rule Detailed
Definitions Standard Transactions Medical Code Sets Local Codes Nonmedical Code Sets Requirements for Covered Entities Additional Requirements for Health Plans Additional Rules for Healthcare Clearinghouses Exceptions from Standards to Permit Testing of Proposed Modifications

The National Provider Identifier Requirements Detailed
Definitions Compliance Dates Healthcare Provider's Unique Health Identifier National Provider System Implementation Specifications for Healthcare Providers Implementation Specifications for Health Plans Implementation Specifications for Healthcare Clearinghouses National Provider Identifier (NPI) Application

"Meaningful Use" Detailed
Meaningful Use Defined Meaningful Use Criteria Meaningful Use Requirements Meaningful Use Stage 1 (2011 and 2012) Clinical Quality Measures Meaningful Use Specification Sheets Proposed Changes to Stage 1 and Proposals for Stage 2

Breach Notification Detailed
Definitions Individual Notification Media Notification Secretary Notification Business Associate Notification Notification Delay Request of Law Enforcement Burden of Proof Sample of Breach Notification Policy Sample of Breach Notification to Individuals

Enforcement Rule Detailed
General Penalty Affirmative Defenses Waiver Notice of Proposed Determination

Security Rule Detailed
Implementation Specifications Implementation Process Standards Are Flexible and Scalable Security Standards Defined Policy and Procedure Drafting Documentation Requirements Components of Policies

Security Rule: Administrative Safeguards
Security Management Process Workforce Security Information Access Management Security Awareness Training Security Incident Procedures Contingency Plan Evaluation-Required-45 CFR § 164.308(a)(8) Business Associate Contracts and Other Arrangements

Security Rule: Risk Assessments
Risk Assessment Overview System Characterization Threat Identification Vulnerability Identification Control Analysis Likelihood Rating Impact Rating Risk Determination Risk Mitigation Risk Management Risk Assessment Report

Security Rule: Security Awareness Training

Security Rule: Incident Response
Standard Format Steps Notification Incident Details Incident Handler Actions Taken or Recommended Actions Other Recommendations

Security Rule: Business Continuity Planning and Disaster Recovery
Contingency Plan-45 CFR § 164.308(a)(7)(i) Data Backup Plan-45 CFR § 164.308(a)(7)(ii)(A) Disaster Recovery Plan-45 CFR § 164.308(a)(7)(ii)(B) Emergency Mode Operation Plan-45 CFR § 164.308(a)(7)(ii)(C) Testing and Revision Procedures-Addressable-45 CFR § 164.308(a)(7)(ii)(D)(b) Applications and Data Criticality Analysis-Addressable-45 CFR § 164.308(a)(7)(ii)(E)(b) A Plan Addressing Both Operational and Regulatory Requirements

Security Rule: Compliance Assessment
Gap Analysis Develop or Modify Policies and Procedures Approve Policies and Procedures Policy and Procedure Implementation Test Plans Assessment Reassess

Security Rule: Physical Safeguards
Facility Access Controls Workstations Use-Required-45 CFR § 164.310(b) Workstation Security-Required-45 CFR § 164.310(c) Device and Media Controls Remote Use and Mobile Device Controls

Security Rule: Technical Safeguards
Access Control Audit Controls-Required-45 CFR § 164.312(b) Integrity Person or Entity Authentication-Required-45 CFR § 164.312(d) Transmission Security

Security Rule: Organizational Requirements
Business Associate Contracts-Required-45 CFR § 164.314(a)(2)(i) Other Arrangements-Required-45 CFR § 164.314(a)(2)(ii) Requirements for Group Health Plans-Implementation Specifications-Required-45 CFR § 164.314(b)(2)

Frequently Asked Questions

Checklists
Policies and Procedures Document Request List Incident Handling Checklist Crisis Handling Steps

Works Cited Additional Resources Acronyms Glossary Index

Abstract: "The security standards in HIPAA were developed to implement appropriate security safeguards for the protection of certain Electronic Protected Health Information (EPHI) that may be at risk while permitting authorized individuals to use this information. This book assists the health care provider in reviewing the accessibility of EPHI to verify that it is not altered or destroyed in an unauthorized manner and that it is available as needed by authorized individuals. The text covers implementation standards and provides recommendations on how to comply with these standards."

"Preface The Department of Health and Human Services (HHS) has published four major rules implementing a number of provisions and regulations set out by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 1999 as part of the American Recovery and Reinvestment Act (ARRA). These rules are the Privacy Rule; the Electronic Transactions and Code Sets Rule; the National Identifier requirements for employers, providers, and health plans; and the Security Rule. It also include more regulatory control over enforcement actions and stiffer penalties for noncompliance. There are many healthcare providers, healthcare clearinghouses, and health plans that are required to implement and comply with these rules, especially the Security Rule. Failure to implement or comply with these rules can leave the covered entity or others that need to comply open for large monetary fines, civil lawsuits, and other penalties. With the rise of security breaches and other high-profile incidences regarding successful hacking events, it is very apparent that information has become a valuable commodity. The United States has moved from a nation built on manufacturing and industry to an information/knowledge powerhouse. With the advancement in technology comes the opportunity for criminals to find another source of income by exploiting vulnerabilities within this technology. Retail, financial, and governmental entities have been the target and have fallen victim to these types of crimes; however, these industries are not the only industries susceptible. Technology has made companies more efficient and even now healthcare providers are required to submit Medicaid and"




