HIPAA Security Assessment ToolKit™
         Introduction and Overview


Bob Chaput
615-656-4299 or 800-704-3394
bob.chaput@HIPAASecurityAssessment.com
HITECH Security Advisors, LLC
Disclaimers
1. We are not attorneys! Consult with your own legal
   counsel or advisors.
2. Information about and around HIPAA and HITECH
   continues to evolve.
3. HIPAA and HITECH rules and regulations are subject to
   lots of different interpretations.
4. Every effort has been made to ensure that the
   information presented is correct, but we cannot offer
   such assurances.
5. You should not rely on this information for legal
   purposes, but simply use it as a tool to raise your
   awareness.
Why You Should Care!
  1. “Ensuring adequate privacy and security
     protections for personal health information” is a key
     part of Meaningful Use
  2. HITECH Act has raised the ante for HIPAA Security
     compliance significantly
  3. Compliance is the smart thing to do for your
     business and the right thing to do for your patients
     or your customers’ patients
  4. It’s the law!


Meaningful Use Stage 1 Policy Goals
  It’s about health outcomes improvement
      in the US…
  1. Improving quality, safety, efficiency, and reducing
     health disparities.
  2. Engaging patients and families in their healthcare
  3. Improving care coordination
  4. Improving population and public health
  5. Ensuring adequate privacy and security
     protections for personal health information

The HITECH Act – Major Changes
 From a Privacy and Security perspective, here are five absolute
 “game changers” under HITECH:

    1) Mandatory audits (Subtitle D, Part 1, Section 13411)
    2) HHS non-compliance fines return to HHS’ coffers and
       within a few years (by law) individuals will participate
       in sharing the proceeds
    3) State AGs can now bring civil actions on behalf of their
       citizens
    4) Business Associates are now statutorily obligated
    5) Data Breach Notification requirements


Meet the HHS Data Breach ‘Wall of Shame’

   http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/postedbreaches.html




HIPAA Security-HITECH Compliance Roadmap
 [Roadmap diagram. Components, from left to right:]
  •   HIPAA Security Assessment (HSA)
  •   Preliminary Remediation Plan (PRP)
  •   HIPAA Risk Analysis (HRA)
  •   HIPAA Remediation Plan (HRP)
  •   HIPAA Security Strategy (HSS)
  •   HIPAA Security Training (HST)
  •   HIPAA Security Policies (HSP)
  •   HIPAA Compliance Manual (HCM)
  •   HIPAA Security Evaluation (HSE)
 [Callouts on the diagram:]
  •   Focus of HSA ToolKit™
  •   HIPAA Security is NOT a “techie” project
  •   … A journey, not a destination!


Purpose of the HSA ToolKit™
 1. Jump Start Your HIPAA Security
    Compliance Program
 2. Establish A Progress / Benchmark
    Monitor
 3. Quickly Identify “Low Hanging”
    Remediation Items
 4. Develop a Solid Foundation for
    HIPAA Risk Analysis
 5. Build Deep Understanding At The
    Onset
 6. Get out in front of Meaningful Use
    requirements on ePHI security
Contents of the HSA ToolKit™
 1. HIPAA Security Assessment ToolKit™ Contents
     document
 2. How to Use the HIPAA Security Assessment ToolKit™
 3. Comprehensive HIPAA Security Assessment (HSA)
     Excel Tool™, including Instructions, Glossary of
     Terms, included with HSA Excel Tool, Policies
     Checklist, Resources & References
 4. HIPAA Security – HITECH Compliance Roadmap™
 5. Preliminary Remediation Plan Candidate Items template
 6. Data Mountain HIPAA-HITECH Security Rule FAQ
 7. Iron Mountain HIPAA Primer – What You Should Know
     About the New Regulations
 8. 2009 CMS' HIPAA Compliance Review Analysis And
     Summary of Results
 9. Office of Civil Rights (OCR) HIPAA Security Standards:
     Guidance on Risk Analysis
 10. Centers for Medicare & Medicaid Services (CMS)
     Security Standards: Implementation for the Small
     Provider
 11. Complete copy of HIPAA Security Final Rule (45 CFR
     Parts 160, 162, and 164)

Heart of the HSA ToolKit™
Features and Benefits of the HSA ToolKit™
   HSA ToolKit™ Features                HSA ToolKit™ Benefits
                            •   Low Risk
                            •   Easily derived immediate remediation steps
 Low Price and High Value   •   Fast Track to HIPAA Security Rule Compliance
                            •   Comprehensive tool and resources
                            •   Low Impact on Client Staff and Operations
 Short Duration             •   Fast, Immediate Results
                            •   Proven Quality
                            •   Developed by Senior, Experienced Professionals
 Development Team           •   Health Care Expertise
                            •   HIPAA – HITECH Focused
                            •   Comprehensive, Complete Data Gathering
                            •   Based on Proven Best Practices
 Sound Methodology          •   High-Quality, Credible Outcomes
                            •   Process View, No-Fault Appraisal
                            •   Baseline for Compliance Program

Contact
             Bob Chaput

   www.HIPAASecurityAssessment.com

bob.chaput@HIPAASecurityAssessment.com


Connect: www.linkedin.com/in/bobchaput

    Follow me: Twitter.com/bobchaput

      HITECH Security Advisors, LLC

 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 

HIPAA Security Assessment Toolkit Introduction

  • 1. HIPAA Security Assessment ToolKit™ Introduction and Overview Bob Chaput 615-656-4299 or 800-704-3394 bob.chaput@HIPAASecurityAssessment.com HITECH Security Advisors, LLC 1
  • 2. Disclaimers 1. We are not attorneys! Consult with your own legal counsel or advisors. 2. Information about and around HIPAA and HITECH continues to evolve. 3. HIPAA and HITECH rules and regulations are subject to lots of different interpretations. 4. Every effort has been made to ensure that the information presented is correct, but we cannot offer such assurances. 5. You should not rely on this information for legal purposes, but simply use it as a tool to raise your awareness.
  • 3. Why You Should Care! 1. “Ensuring adequate privacy and security protections for personal health information” is a key part of Meaningful Use 2. HITECH Act has raised the ante for HIPAA Security compliance significantly 3. Compliance is the smart thing to do for your business and the right thing to do for your patients or your customers’ patients 4. It’s the law! 3
  • 4. Meaningful Use Stage 1 Policy Goals It’s about health outcomes improvement in the US… 1. Improving quality, safety, efficiency, and reducing health disparities. 2. Engaging patients and families in their healthcare 3. Improving care coordination 4. Improving population and public health 5. Ensuring adequate privacy and security protections for personal health information 4
  • 5. The HITECH Act – Major Changes From a Privacy and Security perspective, here are five absolute “game changers” under HITECH: 1) Mandatory audits (Subtitle D, Part 1, Section 13411) 2) HHS non-compliance fines return to HHS’ coffers and within a few years (by law) individuals will participate in sharing the proceeds 3) State AGs can now bring civil actions on behalf of their citizens 4) Business Associates are now statutorily obligated 5) Data Breach Notification requirements 5
  • 6. Meet the HHS Data Breach ‘Wall of Shame’ http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/postedbreaches.html 6
  • 7. HIPAA Security-HITECH Compliance Roadmap [Roadmap diagram; components: HIPAA Security Assessment (HSA), HIPAA Risk Analysis (HRA), Preliminary Remediation Plan (PRP), HIPAA Security Strategy (HSS), HIPAA Remediation Plan (HRP), HIPAA Compliance Manual (HCM), HIPAA Security Evaluation (HSE), HIPAA Security Training (HST), HIPAA Security Policies (HSP). Callouts: Focus of HSA ToolKit™; HIPAA Security is NOT a “techie” project; … A journey, not a destination!] 7
  • 8. Purpose of the HSA ToolKit™ 1. Jump Start Your HIPAA Security Compliance Program 2. Establish A Progress / Benchmark Monitor 3. Quickly Identify “Low Hanging” Remediation Items 4. Develop a Solid Foundation for HIPAA Risk Analysis 5. Build Deep Understanding At The Onset 6. Get out in front of Meaningful Use requirements on ePHI security 8
  • 9. Contents of the HSA ToolKit™ 1. HIPAA Security Assessment ToolKit™ Contents document 2. How to Use the HIPAA Security Assessment ToolKit™ 3. Comprehensive HIPAA Security Assessment (HSA) Excel Tool™, including Instructions, Glossary of Terms, included with HSA Excel Tool, Policies Checklist, Resources & References 4. HIPAA Security – HITECH Compliance Roadmap™ 5. Preliminary Remediation Plan Candidate Items template 6. Data Mountain HIPAA-HITECH Security Rule FAQ 7. Iron Mountain HIPAA Primer – What You Should Know About the New Regulations 8. 2009 CMS' HIPAA Compliance Review Analysis And Summary of Results 9. Office of Civil Rights (OCR) HIPAA Security Standards: Guidance on Risk Analysis 10. Centers for Medicare & Medicaid Services (CMS) Security Standards: Implementation for the Small Provider 11. Complete copy of HIPAA Security Final Rule (45 CFR Parts 160, 162, and 164) 9
  • 10. Heart of the HSA ToolKit™
  • 11. Features and Benefits of the HSA ToolKit™ (HSA ToolKit™ Features, each followed by its HSA ToolKit™ Benefits)
      Low Price and High Value: Low Risk; Easily derived immediate remediation steps; Fast Track to HIPAA Security Rule Compliance; Comprehensive tool and resources
      Short Duration: Low Impact on Client Staff and Operations; Fast, Immediate Results
      Development Team: Proven Quality; Developed by Senior, Experienced Professionals; Health Care Expertise; HIPAA – HITECH Focused
      Sound Methodology: Comprehensive, Complete Data Gathering; Based on Proven Best Practices; High-Quality, Credible Outcomes; Process View, No-Fault Appraisal; Baseline for Compliance Program
    11
  • 12. Contact Bob Chaput www.HIPAASecurityAssessment.com bob.chaput@HIPAASecurityAssessment.com Connect: www.linkedin.com/in/bobchaput Follow me: Twitter.com/bobchaput HITECH Security Advisors, LLC 12