After reading this chapter and completing the exercises, you will be able to do the following:
Explain health-care–related information cybersecurity regulatory compliance requirements.
Understand the components of a HIPAA/HITECH-compliant cybersecurity program.
Prepare for a regulatory audit.
Know how to respond to an ePHI security incident.
Write HIPAA-related policies and procedures.
Understand the HIPAA compliance enforcement process.
The genesis of health-care security–related legislation is the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Public Law 104-191). The original intent of the HIPAA regulation was to simplify and standardize ...