Building a HIPAA-Compliant Cybersecurity Program: Using NIST 800-30 and CSF to Secure Protected Health Information
Use this book to learn how to conduct a timely and thorough Risk Analysis and Assessment documenting all risks to the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI), which is a key component of the HIPAA Security Rule. The requirement is a focus area f...
Main author: | |
---|---|
Corporate author: | |
Format: | Electronic resource, eBook |
Language: | English |
Published: | Berkeley, CA : Apress : Imprint: Apress, 2017. |
Subjects: | |
Available online: | Full Text via HEAL-Link |
Table of contents:
- Part I: Why Risk Assessment and Analysis
- Chapter 1: Not If, But When
- Chapter 2: Meeting Regulator Expectations
- Chapter 3: Selecting Security Measures
- Part II: Assessing and Analyzing Risk
- Chapter 4: Inventory Your ePHI
- Chapter 5: Who Wants Health Information
- Chapter 6: Weaknesses Waiting to Be Exploited
- Chapter 7: Is It Really This Bad?
- Chapter 8: Increasing Program Maturity
- Chapter 9: Targeted Non-technical Testing
- Chapter 10: Targeted Technical Testing
- Part III: Applying the Results to Everyday Needs
- Chapter 11: Refreshing the Risk Register
- Chapter 12: The Cybersecurity Roadmap
- Part IV: Continuous Improvement
- Chapter 13: Investing for Risk Reduction
- Chapter 14: Third-Party Risk: Beyond the BAA
- Chapter 15: Social Media, BYOD, IOT and Portability
- Chapter 16: Risk Treatment and Management
- Chapter 17: Customizing the Risk Analysis
- Chapter 18: Think Offensively
- Appendix A. NIST CSF Internal Controls
- Appendix B. NIST CSF to HIPAA Crosswalk
- Appendix C: Risk Analysis Templates