This is the self-study guide and most
advanced training manual for HIPAA Security Certification. This guide contains explanations
of the final Security Rule’s standards and implementation
specifications in the areas of Administrative, Physical, and
Technical Safeguards. Assessment tools, methodologies, and
sample security policies that can be utilized to bring a covered
entity into compliance are all included in the text. In addition,
major networking protocols and technologies are discussed
and evaluated in regard to their relevance to information
security.
Even if you do not plan to take the certification test, this manual
is still very helpful in understanding the HIPAA security
laws, their penalties, how to start compliance, etc. This is
the study guide for those working towards their HIPAA Security
certification, but it is also invaluable for members of HIPAA
compliance teams, Security Officers, project managers, network
administrators, consultants, and anyone else involved in the
overall security of an organization impacted by HIPAA regulations.
The following is the table of contents for the book:
HIPAA Security Rule (41 Pages)
Topic A: The final Security Rule
Topic B: Terminology
Topic C: Categories and standards
Topic D: Privacy Rule and flow of PHI
Topic E: Security threats
Topic F: Security technology options
Unit summary: HIPAA Security Rule
Administrative safeguards (33 Pages)
Topic A: Overview
Topic B: Security Management Process
Topic C: Assigned Security Responsibility
Topic D: Workforce Security
Topic E: Information Access Management
Topic F: Security Awareness and Training
Topic G: Security Incident Procedures
Topic H: Contingency Plan
Topic I: Evaluation
Topic J: BACs and Other Arrangements
Unit summary: Administrative safeguards
Physical safeguards (16 pages)
Topic A: Requirements
Topic B: Facility Access Controls
Topic C: Workstation Use and Security
Topic D: Device and Media Controls
Topic E: Privacy Rule Physical safeguards
Unit summary: Physical safeguards
Technical safeguards (73 Pages)
Topic A: Requirements
Topic B: Access Control
Topic C: Audit Controls
Topic D: Integrity
Topic E: Person or Entity Authentication
Topic F: Transmission Security
Topic G: TCP/IP network infrastructure
Topic H: Firewall systems
Topic I: Virtual Private Networks (VPNs)
Topic J: Wireless transmission security
Topic K: Encryption
Topic L: Kerberos authentication
Topic M: Case study: Windows XP security
Unit summary: Technical safeguards
Digital signatures and certificates (28 pages)
Topic A: Requirements
Topic B: Digital signatures
Topic C: Digital certificates
Topic D: Public Key Infrastructure (PKI)
Unit summary: Digital signatures and certificates
Security policy (24 pages)
Topic A: Threats, risk management, and policy
Topic B: ISO 17799 and BS 7799 security standards
Topic C: Security policy considerations
Topic D: Sample security policy documents
Unit summary: Security policy
Additional information
Topic A: HIPAA’s proposed Security Rule
Topic B: ecfirst.com’s BizShield
Course summary
Topic A: Course summary
Topic B: Continued learning after class
Glossary
Index
These 4-page laminated cards are ideal
to use as a quick desktop reference for HIPAA regulations
or as a concise exam review. Each training kit comes with
three cards: "HIPAA Overview," "HIPAA Privacy,"
and "HIPAA Security."