Achieving Comprehensive Health IT Privacy and Security

Author:

Jared Rhoads

Privacy and security are mission-critical issues now that the proposed changes to HIPAA are about to be finalized and now that organizations must attest to having completed a comprehensive risk assessment in order to achieve meaningful use. There are many new and changing rules to comply with, but fortunately much of what is contained in the rules should be part of an organization’s privacy and security strategy anyway.

In this paper, CSC provides a status update on three HIPAA-related topics: accounting of disclosures, encryption, and two-factor authentication, and explain key concepts like what it means for a requirement to be “addressable.” The authors then describe the basic steps involved in completing a risk assessment, including: evaluating your risks, correcting your deficiencies, and maintaining your processes and technologies.

Download "Achieving Comprehensive Health IT Privacy and Security" (PDF, 802KB)

For more information, please contact us.