Building a HIPAA-Compliant Cybersecurity Program Using NIST 800-30 and CSF to Secure Protected Health Information
Use this book to learn how to conduct a timely and thorough Risk Analysis and Assessment documenting all risks to the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI), which is a key component of the HIPAA Security Rule. The requirement is a focus area f...
Main author: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Berkeley, CA : Apress, 2017. |
Edition: | 1st ed. 2017. |
Subjects: | |
View in Universitat Ramon Llull Library: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009630649806719 |
Table of Contents:
- Part I: Why Risk Assessment and Analysis
- Chapter 1: Not If, But When
- Chapter 2: Meeting Regulator Expectations
- Chapter 3: Selecting Security Measures
- Part II: Assessing and Analyzing Risk
- Chapter 4: Inventory Your ePHI
- Chapter 5: Who Wants Health Information
- Chapter 6: Weaknesses Waiting to Be Exploited
- Chapter 7: Is It Really This Bad?
- Chapter 8: Increasing Program Maturity
- Chapter 9: Targeted Non-technical Testing
- Chapter 10: Targeted Technical Testing
- Part III: Applying the Results to Everyday Needs
- Chapter 11: Refreshing the Risk Register
- Chapter 12: The Cybersecurity Roadmap
- Part IV: Continuous Improvement
- Chapter 13: Investing for Risk Reduction
- Chapter 14: Third-Party Risk: Beyond the BAA
- Chapter 15: Social Media, BYOD, IOT and Portability
- Chapter 16: Risk Treatment and Management
- Chapter 17: Customizing the Risk Analysis
- Chapter 18: Think Offensively
- Appendix A. NIST CSF Internal Controls
- Appendix B. NIST CSF to HIPAA Crosswalk
- Appendix C: Risk Analysis Templates