Health Insurance Portability and Accountability:: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
No edit summary
 
Line 12: Line 12:
<br>
<br>
--[[User:Mdpeters|Mdpeters]] 09:07, 14 July 2006 (EDT)
--[[User:Mdpeters|Mdpeters]] 09:07, 14 July 2006 (EDT)
==Standard References==
This document provides guidance on Standards for Privacy of Individually Identifiable Health Information, Security Standards for the Protection of Electronic Protected Health Information, and General Administrative Requirements Including, Civil Money Penalties: Procedures for Investigations, Imposition of Penalties, and Hearings.
[[Media:Final_Privacy_Rule_Regulations.pdf]]
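Review bot: the new heading "Standard References" nearly duplicates the existing "HIPAA Standard References" section, which covers standards templates rather than the regulation text, so readers and anchor links can confuse the two. Consider a heading that names the regulation document instead. The added link [[Media:Final_Privacy_Rule_Regulations.pdf]] also has no display label and sits on its own line after the paragraph, so it renders as a bare file name. Give it a piped label and place it in the sentence that describes the document.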

Latest revision as of 13:17, 15 June 2007

HIPAA

Subpart C Section 164.306 (c) of the Health Insurance Portability and Accountability Act (HIPAA) requires covered entities to comply with specific security standards with respect to all electronic protected health information. This section highlights the templates from the Best Practice Policy Framework library (for example, policy and standards controls) that are needed to create, implement, and maintain an Information Security Program that complies with HIPAA.

HIPAA Policy Sample Library
This section provides sample Policy Framework templates (for example, Program Charter, policies, and standards) that are needed to create, implement, and maintain an Information Security Program that complies with HIPAA Subpart C Sections 164.308, 164.310, 164.312, and 164.316.

HIPAA Policy References
This section provides templates for an Information Security Program Charter and supporting policies that define the specific objectives required to create, implement, and maintain an Information Security Program that complies with HIPAA (Subpart C Sections 164.308, 164.310, 164.312, and 164.316). Policies provide the necessary authority to establish and implement technology- and solution-specific standards.


HIPAA Standard References
This section provides templates for the standards that are required to comply with HIPAA (Subpart C Sections 164.308, 164.310, 164.312, and 164.316) and support the objectives established in the policies located in the HIPAA Policies section.


--Mdpeters 09:07, 14 July 2006 (EDT)

Standard References

This document provides guidance on Standards for Privacy of Individually Identifiable Health Information, Security Standards for the Protection of Electronic Protected Health Information, and General Administrative Requirements Including, Civil Money Penalties: Procedures for Investigations, Imposition of Penalties, and Hearings. Media:Final_Privacy_Rule_Regulations.pdf