05553cam a2200685Ii 4500 ocn946997515 OCoLC 20190328114814.0 m o d cr cnu---unuuu 160420s2016 ne o 001 0 eng d N$T eng rda pn N$T IDEBK YDXCP N$T OCLCF EBLCP OPELS UPM IDB OTZ MERUC OCLCQ U3W D6H WRM AU@ GGVRL EZC OCLCQ WYU OCLCA MERER OCLCO OCLCA OCLCQ OCLCA 101688820 DNLM 956735902 1066495867 9780128044117 (electronic bk.) 012804411X (electronic bk.) 9780128043929 012804392X (OCoLC)946997515 (OCoLC)956735902 (OCoLC)1066495867 e-uk--- RA976 2016 F-929 WX 175 BUS 000000 bisacsh 651.504261 23 Cerrato, Paul, author. Protecting patient information : a decision-maker's guide to risk, prevention, and damage control / [electronic resource] Paul Cerrato ; Jason Andress, technical editor. Amsterdam : Syngress is an imprint of Elsevier, 2016. 1 online resource text txt rdacontent computer c rdamedia online resource cr rdacarrier Online resource; title from PDF title page (EBSCO, viewed April 25, 2016). Includes index. Cover ; Title Page; Copyright Page; Disclaimer; Dedication; Contents; About the Author; Preface; Chapter 1 -- Dissecting a Book Title; Chapter 2 -- How Well Protected is Your Protected Health Information? Perception Versus Reality; The Cost of Insecurity is Steep; A Closer Look at Data Breach Fines; Do not ignore individual states in breach investigations; Fines are Only Part of the Problem; Factoring in the Meaningful Use Program; Calculating the Cost of Security; References; Chapter 3 -- Regulations Governing Protected Health Information; Defining the Crown Jewels. HIPAA Privacy Versus Security Rules: Related But DifferentTechnology is only part of the equation; Enforcing HIPAA Regulations; A closer look at the HIPAA Security Rule; The HIPAA Breach Notification Rule; The Role of the Federal Trade Commission; Do not forget State Laws; References; Chapter 4 -- Risk Analysis; Learning the jargon; Vulnerability; Threat Versus Risk; Compliance Versus Management; The ONC Approach to Risk Analysis and Security Management; Step 1; Step 2; Step 3; Step 4; Finding the Right Analysis Tools; Tapping the HHS Resources. Beware the "Required" Versus "Addressable" ConfusionMoving Beyond a Checklist of Security Questions; References; Chapter 5 -- Reducing the Risk of a Data Breach; Seeing the larger picture; The best mindset: guilty until proven innocent; Passwords, Policies, and Procedures; Establishing Effective Governance; Technological Solutions; Encryption; Firewalls; Antimalware/Antiviral Software; Access Control; Intrusion Detection and Intrusion Prevention Systems; Faxing Solutions; Auditing Your Computer Systems; Making Email More Secure; Establishing Physical Safeguards; Protecting Big Data. Testing Your Network SecurityCybersecurity Insurance; References; Chapter 6 -- Mobile Device Security; Thinking strategically; Covering the Basics; BYOD: Bring Your Own Disaster?; Mobile Device Management Software; The Virtues of Virtual Private Networks; Appreciating the Difference Between Http and Https; References; Chapter 7 -- Medical Device Security; How real is the threat?; Taking a closer look at the "pathology" behind medjacking; What is the FDA Doing?; Dealing with Existing Medical Device Vulnerabilities; How are medical device companies coping?; Firming up the Firmware. Are medical device manufacturers HIPAA accountable?Weighing Your Security Options; References; Chapter 8 -- Educating Medical and Administrative Staff; Culture before education; Seeing the Bigger Picture; Understanding the Psychology of Change; Managing the Training Process; What Should the Training Consist of?; References; Chapter 9 -- HIPAA, HITECH, and the Business Associate; Evaluating the Threat; Are you a Business Associate?; Formal Agreements are a Must; More Exceptions to the Rule; What Should a Business Associate Agreement Look Like?; References. Chapter 10 -- Preparing for and Coping With a Data Breach. Includes bibliographical references and index. Medical records Access control. Data protection Great Britain. Confidential communications Physicians. BUSINESS & ECONOMICS General. bisacsh Confidential communications Physicians. fast (OCoLC)fst00874720 Data protection. fast (OCoLC)fst00887958 Medical records Access control. fast (OCoLC)fst01014549 Great Britain. fast (OCoLC)fst01204623 Electronic Health Records. (DNLM)D057286 Computer Security. (DNLM)D016494 Confidentiality. (DNLM)D003219 Decision Making. (DNLM)D003657 Risk. (DNLM)D012306 Health Information Management standards. (DNLM)D063025Q000592 Electronic books. Electronic book. Andress, Jason, editor. ScienceDirect http://www.sciencedirect.com/science/book/9780128043929 247318 247318