After completing this chapter, the reader should be able to:

• Recognize how advances in information technology are challenging the security of patient health information.

• Define and discuss data integrity, authenticity, and security.

• Understand the implications of the Health Insurance Portability and Accountability Act (HIPAA) for information security.

• Identify significant internal and external risks for electronic healthcare information security systems.

• Discuss risk analysis and the role it plays in the security program.

• Adopt a model for a comprehensive information security program.

• Give examples of administrative, physical, and technical ...