ID Number: G00169189



Addressing HIPAA Security, Part 2: 'Rightsizing' Compliance
23 September 2009
 
Paul E. Proctor  

The U.S. Health Insurance Portability and Accountability Act Security Rule has a great deal of built-in flexibility; the key is to build a defensible position of compliance. Affected organizations should analyze their current and planned activities to ensure their efforts are appropriate.




Price: US$495.00

Pages: 8






Document History


Browse Topics


Other Options







Contact Gartner





Purchasing this document is fast, easy and secure, but you must be registered with gartner.com so we can track your order. Please select your status from these three choices:
Registration is required to purchase this document.
Or, you can register for gartner.com only.
 You or your organization may already own this document. Register now to find out. Your Gartner Membership Administrator can supply the needed License Key(s).
You will not lose your document during registration.
Sign in here:
Username:

Password:
Forgot your username
or password?







For more information about purchasing this or other documents, contact Gartner at one of the telephone numbers below:
North America:    +1 203-316-3010 7:30 am - 8:00 pm Stamford, CT
Europe:    +44 1784 267770 9:00 am - 5:00 pm London
Asia/Pacific:    +65 6879 2785 9:00 am - 6:00 pm Singapore
Japan:    +81 3 3481 3552 9:00 am - 5:30 pm Tokyo

Table of Contents


    
 Analysis

1.0
    
 Overview
2.0
    
 Avoid Trying to Protect the Organization From Everything: Understanding Residual Risk
3.0
    
 Standard of Due Care
4.0
    
 Self-Certification and Third-Party Review
5.0
    
 Examples of Rightsizing HIPAA Compliance

5.1
    
 Contingency Planning 164.308(a)(7)(i)
5.2
    
 Access Control 164.312(a)(1)
5.3
    
 Encryption 164.312(a)(1)
5.4
    
 Workforce Security 164.308(a)(3)(i)
5.5
    
 Security Awareness and Training 164.308(a)(5)(i)
5.6
    
 Facility Access Controls 164.310(a)(1)
5.7
    
 Integrity 164.312(c)(1)
6.0
    
 "Rightsizing" HIPAA Security Compliance
7.0
    
 Bottom Line

    
 Recommended Reading




Document History:
 
Addressing HIPAA Security, Part 2: 'Rightsizing' Compliance
23 September 2009
  
Addressing HIPAA Security, Part 2: 'Rightsizing' Compliance
26 June 2007
  




Browse Topics:
 
Security Policies
Customer Security and Privacy
Regulatory Compliance
Computer-Based Patient Records
HIPAA Regulations
Compliance Management




© 2009 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.




Resource Id: 1187322