Best IT Documents.com Blog


Sample Visio – Prod Autosys Design

www.bestitdocuments.com

Healthcare HIPAA, HITRUST, HITECH Resources

 

IT Security / Technology Risk / Control Frameworks

HITRUST: (RISK Framework)

http://www.hitrustalliance.net/about/

 

Assessment Areas – HIPAA

  • Expert background in Technical Controls Assessment, Compliance, Risk, and Security control requirements.
  • HIPAA Security Rule (3 Safeguards – Administrative, Physical, Technical), Required vs. Addressable. HIPAA Gap Assessments, HIPAA IT Auditing or HIPAA IT Controls Design, Integration, Testing. Gap Assessments, Privacy Gap Assessment – Pre Audits.
  • Understanding of risk and control frameworks such as HITRUST, COBIT, UCF, ITIL, and ISO

 

Preparatory Research

  • Electronic Medical Records: Success Requires an Information Security Culture:

http://www.sans.org/reading_room/whitepapers/HIPAA/electronic-medical-records-success-requires-information-security-culture_34242

  • Aligning Application Security and Compliance: (good info)

http://www.corporatecomplianceinsights.com/wp-content/uploads/gravity_forms/14-f3c6012ed7b64af70e209c6db8553b08/2012/02/Aligning+Application+Security+and+Compliance1.pdf

  • SANS – MOACL – Mother of All Control Lists: (dated info but good)

http://www.sans.org/reading_room/whitepapers/compliance/meeting-compliance-efforts-mother-control-lists-moacl_33299

 

HIPAA Terminology

Covered Entity, Business Associate, Conduit, Meaningful Use/MU Phase I/II/III, Breach Notification Rule, OCR, ePHI / PHI, BNR, PNR, CFR 45 CFR 164.x (9/2013 – 3/2014), Final HIPAA Omnibus Rule, BA Contracts

 

IT Governance / Regulations – HIPAA

HIPAA / Omnibus HIPAA Privacy, Security, Governance, And Compliance.

 

HIPAA

http://www.hhs.gov/ocr/privacy/HIPAA/understanding/summary/index.html

 

HIPAA: Survival Guide

http://www.hipaasurvivalguide.com/HIPAA-omnibus-rule.php

(Good info)

Terminology

Covered Entity, Business Associate, BAA / Contracts, Conduit, Meaningful Use/MU Phase I/II/III, Breach Notification Rule, OCR, ePHI / PHI, BNR, PNR, CFR 45 CFR 164.x (9/2013 – 3/2014), Final HIPAA Omnibus Rule, BA Contracts, HIPAA / HITRUST: HIPAA and HITRUST – What’s the Difference?

 

Overview of HIPAA/HITECH Omnibus Final Rule

Omnibus / Health IT

http://www.darkreading.com/Privacy/New-HIPAA-Omnibus-Rule-Changes-Health-It/240148673

 

EPHI Identifiers / De-Identification

HHS: Guidance on Methods for De-Identification

HIPAA PHI: List of 18 Identifiers and Definition of PHI

EPHI Computer Systems Inventory:

https://community.pepperdine.edu/it/security/ric/invephi.htm

 

Yale: Break Glass Procedure: Granting Emergency Access to Critical EPHI Systems

Meaningful Use: What Is Meaningful Use?

http://www.healthit.gov/Policy-Researchers-Implementers/Meaningful-Use

 

Breach Notification Rule: HIPAA Breach Notification Rule, 45 CFR §§ 164.400-414

Covered Entities & Business Associates: § 160.103 Definitions.

  • De-Identification of PHI. Methods In Accordance With HIPAA Privacy Rule.
  • Summary Of The HIPAA Security Rule: HHS: Summary Of The HIPAA Security Rule
  • HIPAA Security Risk Analysis Tips – 9 Essential Elements
  • Complete A Privacy Rule Compliance Assessment (45 CFR §164.530)
  • MU – HIPAA Security Risk Analysis: How To Conduct A Meaningful Use / HIPAA Security Risk Analysis:
  • ECFR: Electronic Code Of Federal Regulations:
  • Cornell Law School – 45 CFR 164 – Summaries: http://www.law.cornell.edu/cfr/text/45/part-164

Are You Ready For A HIPAA Audit? 5 Insights for Executives

HIPAA Audit Tips – Prepare For Audits Using Omnibus Final Rule

White Paper: The HIPAA Final Omnibus Rule: New Changes Impacting Business Associates

Deloitte Brief: Update: Privacy and Security Of Protected Health Information Omnibus Final Rule and Stakeholder Considerations

 

OCR HIPAA Audits: Findings/Recommendations: Notification of Findings And Recommendations Report From OCR HIPAA Audits

HHS/OCR: HIPAA Lessons – UCLA: Specific Lessons from HIPAA Privacy and Security Case At

 

OCR HIPAA Audits: What To Expect When OCR Audits Come

HIPAA Interview and Document Request: HIPAA Security Onsite Investigations and Compliance Reviews: – Great Sample

OCR HIPAA Audit Briefings:  OCR Data On First 20 HIPAA Compliance Audits

HIPAA Enforcement: Case Examples Organized By Covered Entity:

 

http://www.hhs.gov/OCR/Privacy/HIPAA/Enforcement/Examples/Casebyentity.Html#2healthcareprovider

 

HIPAA Settlements / Resolution Agreements

HIPAA-HITECH Compliance: Proven HIPAA Audit Tips – Actions You Should Take Now To Prepare For OCR HIPAA Audits

  1. Set privacy and security risk management & governance program in place (45 CFR § 164.308(a)(1))
  2. Develop & implement comprehensive HIPAA privacy and security and breach notification policies & procedures (45 CFR § 164.530 and 45 CFR § 164.316)
  3. Train all members of your workforce (45 CFR § 164.530(b) and 45 CFR § 164.308(a)(5))
  4. Complete a HIPAA security risk analysis (45 CFR § 164.308(a)(1)(ii)(A))
  5. Complete a HIPAA security evaluation (= compliance assessment) (45 CFR § 164.308(a)(8))
  6. Complete technical testing of your environment (45 CFR § 164.308(a)(8))
  7. Implement a strong, proactive business associate / management program (45 CFR § 164.502(e) and 45 CFR § 164.308(b))
  8. Complete privacy rule and breach notification rule compliance assessments (45 CFR § 164.500 and 45 CFR § 164.400)
  9. Document and act upon a remediation plan

 

HHS.GOV – HIPAA: Security Series

  1. Security 101 for Covered Entities
  2. Security Standards Administrative Safeguards
  3. Security Standards – Physical Safeguards
  4. Security Standards – Technical Safeguards
  5. Security Standards – Organizational, Policies & Procedures, and Documentation Requirements
  6. Basics of Risk Analysis & Risk Management

Sample Visio – O365 Technology Relationships

O365 Technology Relationships


Sample Visio – Azure Event Log Drawing 1

Azure Events Drawing


Sample Visio – Azure Event Log Drawing 2

Azure Event Drawing


Sample Visio – Oracle Server Replication Flows

Oracle Server Replication Flows


CA Autosys R11.3.5 Schema Tables

Posted in Application (380),Data Center - SOC - NOC,Security (1500),Web Services (250) by Guest on the November 11th, 2018


Sample Visio – Security Risk Management Architecture Framework


Sample Visio – SaaS – PaaS Cloud Models

Sample – SaaS – PaaS Cloud Models


Word Document – Understanding Network Access Control

Posted in Data Center - SOC - NOC,Networking (340),Security (1500) by Guest on the November 1st, 2018

Understanding Network Access Control
