Building a HIPAA-compliant cybersecurity program : using NIST 800-30 and CSF to secure protected health information
Use this book to learn how to conduct a timely and thorough Risk Analysis and Assessment documenting all risks to the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI), which is a key component of the HIPAA Security Rule. The requirement is a focus area f...
Classification: | Electronic Book |
---|---|
Main author: | |
Format: | Electronic eBook |
Language: | English |
Published: | [Place of publication not identified] : Apress, [2017] |
Subjects: | |
Online access: | Full text (Requires prior registration with institutional email) |
Table of Contents:
- Part I: Why Risk Assessment and Analysis
- Chapter 1: Not If, But When
- Chapter 2: Meeting Regulator Expectations
- Chapter 3: Selecting Security Measures
- Part II: Assessing and Analyzing Risk
- Chapter 4: Inventory Your ePHI
- Chapter 5: Who Wants Health Information
- Chapter 6: Weaknesses Waiting to Be Exploited
- Chapter 7: Is It Really This Bad?
- Chapter 8: Increasing Program Maturity
- Chapter 9: Targeted Non-technical Testing
- Chapter 10: Targeted Technical Testing
- Part III: Applying the Results to Everyday Needs
- Chapter 11: Refreshing the Risk Register
- Chapter 12: The Cybersecurity Roadmap
- Part IV: Continuous Improvement
- Chapter 13: Investing for Risk Reduction
- Chapter 14: Third-Party Risk: Beyond the BAA
- Chapter 15: Social Media, BYOD, IOT and Portability
- Chapter 16: Risk Treatment and Management
- Chapter 17: Customizing the Risk Analysis
- Chapter 18: Think Offensively
- Appendix A. NIST CSF Internal Controls
- Appendix B. NIST CSF to HIPAA Crosswalk
- Appendix C: Risk Analysis Templates