Healthcare Information Technology Exam Guide for CHTS and CAHIMS Certifications, 2nd Edition

Book Description

This effective study resource delivers complete coverage of all topics on the newest versions of these challenging HIT exams.

This comprehensive self-study guide fully prepares candidates for the Certified Associate in Healthcare Information and Management Systems (CAHIMS) exam, all six Certified Healthcare Technology Specialist (CHTS) exams, and CompTIA’s HIT exam. The book enables computer professionals to transition into healthcare information technology (HIT) with coverage of topics ranging from regulatory requirements to healthcare privacy and security and also serves as a valuable on-the-job reference.

Healthcare Information Technology: CHTS Certified Healthcare Technology Specialist & CAHIMS Certified Associate in Healthcare Information and Management Systems Exam Guide is designed to familiarize IT professionals with the health-related aspects and the IT requirements of the healthcare HIT field. Written in a hands-on, straightforward style, the book includes “Tips,” which highlight important information throughout the chapters; “Use Cases,” which detail HIT at work in real-world situations; chapter summaries; and chapter review questions that test comprehension.

• Electronic content includes practice exams, a list of HIT roles, and a PDF copy of the book
• Appendices allow readers to drill down and focus on the content pertaining to a specific exam
• Written by a team of experts with extensive professional experience

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Lead Authors
  6. Contents at a Glance
  7. Contents
  8. Foreword
  9. Acknowledgments
  10. Part I Healthcare and Information Technology in the United States
    1. Chapter 1 Healthcare Information Technology: Definitions, Stakeholders, and Major Themes
      1. The Explosion of Healthcare Information Technology
      2. New Network Complexity Requires New Standards for Data Sharing and Interoperability
      3. The Role of HIT in the Continuum of Healthcare
      4. The Increasing Volume and Shift to Value of Healthcare IT
        1. Increasing the Volume of EHRs
        2. Measuring the Value of Healthcare
      5. Preparing a Critical Mass of Certified Healthcare IT Technicians and Professionals
      6. The Roles of HIMSS and AHIMA in Support of Healthcare Information Credentialing, Education, and Training
        1. Healthcare Information and Management Systems Society (HIMSS)
        2. American Health Information Management Association (AHIMA)
      7. Chapter Review
        1. Questions
        2. Answers
        3. References
    2. Chapter 2 U.S. Healthcare Systems Overview
      1. U.S. Healthcare Delivery Organizations and Management Structures
        1. Private Medical Practices
        2. Health Maintenance Organizations (HMOs)
        3. Independent Practice Associations (IPAs)
        4. Preferred Provider Organizations (PPOs)
        5. Hospitals
        6. Academic Health Centers
        7. Specialty Hospitals
        8. Public Health Departments
        9. Other Healthcare Organizations
      2. Healthcare Venues
        1. Ambulatory Care Centers
        2. Acute Care
        3. Long-term Care Facilities
        4. Home Care/Visiting Nursing Services
        5. Community/Population Care
        6. Hospice/Palliative Care
      3. Types of Healthcare
        1. Primary Care
        2. Behavioral Health
        3. Specialty Care
        4. Emergency Care
        5. Urgent Care
        6. Acute Care vs. Chronic Care
        7. Patient Education
        8. Integrative Medicine
        9. Telehealth
      4. Healthcare Professions
        1. Certification and Accreditation
      5. Healthcare Reform and Quality
        1. Costs—U.S. Expenditures Overall Compared to Other Countries
        2. Affordable Care Act (ACA)
        3. HITECH Meaningful Use Provision
        4. Medicare Access and CHIP Reauthorization Act of 2015
      6. Healthcare Regulatory and Research Organizations
        1. Regulation
        2. Research
      7. Chapter Review
        1. Questions
        2. Answers
        3. References
    3. Chapter 3 An Overview of How Healthcare Is Paid For in the United States
      1. The Nature of Health Insurance
      2. The Structure of Health Insurance
      3. Insurance in the United States
        1. Insurance Products
        2. Commercial (Private) Insurance in the United States
        3. Medicare
        4. Medicaid
        5. Uncompensated Care
      4. Chapter Review
        1. Questions
        2. Answers
        3. References
    4. Chapter 4 Healthcare Information Technology in Public Health, Emergency Preparedness, and Surveillance
      1. Public Health Reporting
      2. Registries
      3. Health Alerts
      4. Privacy and Security
      5. Scope of Data
      6. Clinical Information Standards
      7. Trends and What to Expect in the Future
      8. Chapter Review
        1. Questions
        2. Answers
        3. References
  11. Part II Fundamentals of Healthcare Information Science
    1. Chapter 5 Computer Hardware and Architecture for Healthcare IT
      1. Computer Hardware
        1. Input Devices
        2. Output Devices
        3. System Components
      2. Cloud Computing, ASPs, and Client-Server EMR Systems
      3. Hardware Management
        1. Operating Systems and Hardware Drivers
        2. Networking Hardware
        3. Portable Computers
        4. Wearable Computers
        5. Server Computers
        6. Trends in Meeting Hardware Requirements
        7. Computer Asset Management
      4. Chapter Review
        1. Questions
        2. Answers
        3. References
    2. Chapter 6 Programming and Programming Languages for Healthcare IT
      1. Languages and Virtual Machines
      2. Operating Systems
      3. The C Language
      4. The C++ Language
      5. The Java Language
      6. Hypertext Markup Language (HTML)
      7. Extensible Markup Language (XML)
      8. Active Server Pages (ASP)
      9. PHP: Hypertext Preprocessor (PHP)
      10. Programming Languages and Development Environments for Mobile Health Application Development
      11. Chapter Review
        1. Questions
        2. Answers
        3. References
    3. Chapter 7 Databases, Data Warehousing, Data Mining, and Cloud Computing for Healthcare
      1. Healthcare Databases
        1. Database Basics
      2. Database Application Development Process
        1. Analyzing the Business Scenario and Extracting Business Rules
        2. Modeling Database: Entity Relationship Diagram Design and Normalization
        3. Creating a Physical Database Using Structured Query Language
        4. Implementing a Healthcare Database Application
      3. Database Administration and Security
        1. Database Administration
        2. Database Security
      4. Data Warehouses for Healthcare
        1. What Is a Data Warehouse?
        2. The Differences Between a DW and OLTP
        3. Data Warehouse Models
        4. A Healthcare Data Warehouse Life Cycle
      5. Data Mining in Healthcare
        1. What Is Data Mining?
        2. Applications of Data Mining in Healthcare
      6. Cloud Computing in Healthcare
        1. Cloud Computing Models
        2. Cloud Computing Deployment Models
        3. Examples of Cloud Computing in Healthcare
        4. Pros and Cons of Cloud Computing in Healthcare
      7. Chapter Review
        1. Questions
        2. Answers
        3. References
    4. Chapter 8 Networks and Networking in Healthcare
      1. Telecommunications and Healthcare
      2. From Voice to Data Networks and the Global Internet
      3. Data Communications Concepts
        1. Connectivity: The Geometrical Nature of Networks
        2. Communication Models
        3. Communications Protocols
        4. Data and Signals
        5. Digitization
        6. Throughput
        7. Addressing in Data Networks
        8. The World Wide Web as an Example of a Network Application
        9. PANs, LANs, MANs, and WANs
      4. How a Network Works
        1. Application Architectures
        2. Network Architectures and Implementations
        3. Device Configuration
      5. Wireless Networks
        1. Wireless Applications and Issues in a Healthcare Setting
        2. WLAN Topology
        3. 802.11 Standards
        4. Security
        5. Bluetooth
        6. WAP, WML, and HTML5
        7. Cellular
      6. Sample Network
        1. Purpose of a Network
        2. Components of the Sample Network
        3. Network Address Translation
        4. Port Forwarding
        5. Router Configuration
        6. Wireless Access Points and WLAN Controllers
        7. Firewalls
        8. Cabling
      7. Transmission of Healthcare Data (HL7)
        1. HL7 v2
        2. HL7 v3
        3. HL7 FHIR
        4. EHR Outbound Communication
      8. Chapter Review
        1. Questions
        2. Answers
        3. References
    5. Chapter 9 Systems Analysis and Design in Healthcare
      1. Systems Analysis and Design in HIT
        1. The Systems Development Life Cycle (SDLC)
      2. Trends and Issues in HIS Analysis and Design
      3. Chapter Review
        1. Questions
        2. Answers
        3. References
    6. Chapter 10 Fundamentals of Health Workflow Process Analysis and Redesign
      1. Life Cycle of Major Information Technology Implementation and Organizational Change
      2. Process Management and Process Improvement
        1. Process Hierarchy: Levels of Mapping Processes
      3. Methodologies for Understanding Processes
        1. Observation
        2. Modeling Workflows for Scope of Professional Practice Standards
        3. Simulation
        4. Lean Strategy
        5. Business Process Management
      4. Workflow Mapping Tools
        1. Workflow Diagram Example
        2. Role-Based Swim-Lane Workflow
        3. Value Stream Mapping
      5. Success Factors for Implementing Clinical Process Change
        1. Additional Techniques
      6. Identification and Prioritization of Targets for Workflow Improvement
      7. Change Management
        1. Change Management Principles
      8. Chapter Review
        1. Questions
        2. Answers
        3. References
    7. Chapter 11 Healthcare IT Project Management
      1. Projects, Project Management, and Healthcare IT
        1. Critical Success Factors for Healthcare IT Projects
        2. The Project Management Institute, PMBOK, and PMP
        3. Major Project Management Constraints/Objectives
        4. Project Team Roles and Stakeholders
        5. Effective Communication in Projects
        6. Process Groups and the Project Life Cycle
      2. Project Initiation
        1. Project Charter and Scope
        2. Project Problem/Vision/Mission Statements
        3. SMART Project Objectives
      3. Planning a Healthcare IT Project
        1. The Work Breakdown Structure (WBS)
        2. Estimating Time, Cost, and Resources
        3. Developing the Project Schedule
        4. Scheduling Resources in Projects
      4. Executing, Monitoring, and Controlling HIT Projects
        1. Execution Principles, Issues, and Opportunities
        2. Monitoring Progress in Projects
        3. Changing the Plan
      5. Closing the Project
      6. Chapter Review
        1. Questions
        2. Answers
        3. References
    8. Chapter 12 Assuring Usability of Healthcare IT
      1. Usability of Healthcare IT
        1. Usability Engineering Approaches
        2. Usability and HIT Safety
      2. Human Factors and Human–Computer Interaction in Healthcare
      3. User Interface Design and Human Cognition
        1. Importance of Considering Cognitive Psychology
        2. Approaches to Cognition and HCI
      4. Technological Advances in HIT and User Interfaces
        1. Input and Output Devices and the Visualization of Healthcare Data
        2. Approaches to Developing User Interfaces in Healthcare
        3. Methods for Assessing HIT in Use
      5. Challenges and Future Issues
      6. Chapter Review
        1. Questions
        2. Answers
        3. References
  12. Part III Healthcare Information Standards and Regulation
    1. Chapter 13 Navigating Health Data Standards and Interoperability
      1. Introduction to Health Data Standards
      2. Standards Categories
        1. Health Data Interchange and Transport Standards
        2. Vocabulary and Terminology Standards
        3. Content and Structure Standards
        4. Security Standards
      3. Standards Coordination and Interoperability
        1. Health IT Standards Committee
        2. International Organization for Standardization
        3. Integrating the Healthcare Enterprise
        4. eHealth Exchange and the Sequoia Project
      4. The Business Value of Health Data Standards
      5. Chapter Review
        1. Questions
        2. Answers
        3. References
      6. Additional Study
    2. Chapter 14 Interoperability Within and Across Healthcare Systems
      1. User Identity
        1. Provisioning
        2. Identity Proofing
        3. Role Assignment
        4. Deprovisioning
      2. User Account Support
        1. Internal Directory vs. External Directory
      3. Authentication
        1. The Multiple Factors of Authentication
        2. Secondary Authentication
        3. Automatic Logoff
        4. Authentication vs. Claims About Authentication (Federated Identity)
      4. Accountability
        1. Access Control
        2. Audit Control
        3. Balanced Access Control and Audit Control
      5. Roles and Permissions
        1. What Are Permissions?
        2. Systems Have Roles
        3. Truth Tables
      6. Multilevel Data Confidentiality
        1. Data Tagging with Sensitivity Codes
        2. Coding of Restricted Data
      7. Medical Records Regulations
      8. Other Sources of Access Control Rules
      9. Data Treated at the Highest Level of Confidentiality
      10. Purpose of Use
      11. Patient Privacy
        1. Privacy Consent Related to Purpose of Use and Access Control
        2. Hint
      12. Summary of Basic Access Control
        1. Patient Information
        2. User Information
        3. Resource Information
        4. Context Information
        5. Policies: Where the Logic Resides
      13. Healthcare Information Exchange
        1. Push vs. Pull in an HIE
        2. Enforcement of Access Controls in an HIE
        3. The First Rule of HIE Access Control
        4. The Second Rule of HIE Access Control
        5. HIE Access Control Information
        6. Metadata
        7. User Identity in an HIE
      14. Access Control Languages
      15. Chapter Review
        1. Questions
        2. Answers
        3. References
    3. Chapter 15 Assuring the Health Insurance Portability and Accountability Act Compliance
      1. Introduction to the Healthcare Legal Environment
      2. HIPAA, HITECH Act, and Omnibus Rule Overview
        1. Legal Documents Review
        2. HIPAA Administrative Simplification Provisions
      3. HIPAA Privacy Rule: 45 CFR Part 164, Subpart E
        1. Use and Disclosure of PHI: 45 CFR 164.502(a)
        2. Minimum Necessary: 45 CFR 164.502(b)
        3. BA Contracts: 45 CFR 164.504(e), 45 CFR 164.308(b), 45 CFR 164.314(a)
        4. Consent: 45 CFR 164.506
        5. Authorization Requirements: 45 CFR 164.508
        6. Release Without Consent or Authorization: 45 CFR 164.512
        7. Avert a Serious Threat to Safety: 45 CFR 164.512(j)
        8. Disclosure for Specialized Government Functions: 45 CFR 164.512(k)
        9. Limited Data Set: 45 CFR 164.514(e)
        10. Notice of Privacy Practices: 45 CFR 164.520
        11. Patient Privacy Rights
        12. Privacy Official and Security Official: 45 CFR 164.530(a), 45 CFR 164.308(a)(2)
        13. Workforce Training: 45 CFR 164.530(b), 45 CFR 164.308(a)(5)
        14. Standard Safeguards: 45 CFR 164.530(c)
        15. Sanctions: 45 CFR 164.530(e), 45 CFR 164.308(a)(1)
        16. Privacy and Security Policies and Procedures: 45 CFR 164.530(i), 45 CFR 164.316
      4. HIPAA Security Rule: 45 CFR Part 164, Subpart C
        1. Administrative Safeguards: 45 CFR 164.308
        2. Physical Safeguards: 45 CFR 164.310
        3. Technical Safeguards: 45 CFR 164.312
      5. Breach Notification Rule: 45 CFR Part 164, Subpart D
        1. Breach Definition: 45 CFR 164.402
        2. General Breach Description Notification Requirements: 45 CFR 164.404(a–c)
        3. Methods of Notification: 45 CFR 164.404(d)
        4. Notification Delay for Law Enforcement Purposes: 45 CFR 164.412
        5. Specific CE Requirements: 45 CFR 164.404
        6. Specific BA Requirements: 45 CFR 164.410
      6. HIPAA Enforcement Rule: 45 CFR Part 160
      7. Additional Guidance
      8. Chapter Review
        1. Questions
        2. Answers
        3. References
    4. Chapter 16 Health Information Technology and Health Policy
      1. The Linkage Between Health Policy and Health IT: Why It’s Important
      2. Precision Medicine Initiative
      3. Interoperability
      4. New Payment Models
      5. Computable Privacy
      6. EHR Incentive and Certification Programs
      7. Quality Measures
      8. Chapter Review
        1. Questions
        2. Answers
        3. References
    5. Chapter 17 The Electronic Health Record as Evidence
      1. Sources and Structure of U.S. Law
      2. Three Branches of U.S. Government Responsible for Carrying Out Government Powers and Functions
        1. Executive Branch: President, Vice President, and Cabinet
        2. Legislative Branch: The Senate and the House of Representatives
        3. Judicial Branch: Structure and Function of the U.S. Court System
      3. The Medical Record
      4. EHR Standards for Records Management and Evidentiary Support
      5. The Role and Use of the Medical Record in Litigation and/or Regulatory Investigations
        1. Paper-based Medical Records vs. Electronic Health Records in Discovery
        2. Discovery and Admissibility of the EHR
      6. The Federal Rules of Evidence (FRE)
        1. Medical Records as Hearsay
        2. Physician-Patient Privilege
      7. Incident Report Privilege
      8. The Scope and Procedures of E-Discovery Process
        1. Impact of the 2015 Amendments to the E-Discovery Process
        2. Duty to Preserve Relevant Evidence and Establishing Legal Holds
      9. The Path Forward: A Coming Together of Laws, Rules, and Regulations
        1. The HITECH Act
        2. The Health Insurance Portability and Accountability Act
        3. The Convergence of E-Discovery and Release of Information Processes
        4. The Concept of the Legal Health Record
      10. A New Era in the Nation’s Health Information Infrastructure
        1. Cures Act
        2. NIST
      11. Chapter Review
        1. Questions
        2. Answers
        3. References
  13. Part IV Implementing, Managing, and Maintaining Healthcare IT
    1. Chapter 18 Effective Organizational Communication for Large-Scale Healthcare Information Technology Initiatives
      1. Importance of Communications in Health IT Initiatives
        1. Leadership and Governance
        2. Rules for Governance
      2. Focus on Customers and Players
        1. Patients and Communities
        2. Physicians
        3. Nursing Workforce
        4. IT Departments and Multidisciplinary Project Teams
        5. Healthcare System Leadership
      3. Components of a Communications Plan
        1. Project Phases and the Communication Functions
        2. Communication Metrics
      4. Key Industry Considerations
        1. The Expanding World of Media
        2. Role of Federal Healthcare Agencies
        3. Role of Regulatory Standards and the Evolution of Health Information Exchange
      5. Chapter Review
        1. Questions
        2. Answers
        3. References
    2. Chapter 19 Non-EHR HIT: From Architecture to Operations
      1. The Healthcare IT Organization: Challenges, Structures, and Roles
      2. HIT Major Non-EHR HIT Systems and Applications
        1. Working with Enterprise HIT Systems
        2. Vendor-Specific Systems: Acquisition, Installation, and Maintenance of HIT Systems
        3. Radiology Systems
        4. Pharmacy Systems
        5. Lab Systems
        6. Patient Monitoring Systems
        7. Supply Chain Systems
        8. ERP Software Systems
        9. Finance and Operations Systems
        10. Clinical Decision Support (CDS)
        11. Patient Relationship Management Systems
        12. Application Data Interchange Systems
      3. Chapter Review
        1. Questions
        2. Answers
        3. References
    3. Chapter 20 EHR Implementation and Optimization
      1. Using HIT and EHRs for Organizational Transformation
        1. Banner Health
        2. Emory Healthcare
        3. Governance of Large HIT and EHR Initiatives
        4. Change Management
      2. Managing the Project
        1. A Good Product and Team
        2. The Orders Catalog and Order Sets
        3. Documentation Templates and Note Hierarchy
        4. Migrating Data
        5. Extraction, then Conversion
        6. Develop Workflows
        7. Policies Affect Workflows
        8. Testing
        9. Training
        10. Reduce Schedules for Go-Live
        11. Downtime Procedures
        12. Go-Live Support
        13. During and Post Go-Live Communication
        14. Monitoring Success
      3. Chapter Review
        1. Questions
        2. Answers
        3. References
    4. Chapter 21 Training Essentials for Implementing Healthcare IT
      1. Models and Principles
      2. Assessing Basic Skill Level
      3. Design Elements
        1. The Adult Learner
      4. Constructing a Lesson Plan
        1. Multimedia as a Method of Delivery
        2. Current Internet Technologies
      5. Training Delivery and Accommodation
      6. Evaluating Learning
        1. Program Evaluation
      7. Utilizing a Learning Management System
        1. New Directions
      8. Chapter Review
        1. Questions
        2. Answers
        3. References
    5. Chapter 22 Using Healthcare IT to Measure and Improve Healthcare Quality and Outcomes
      1. Why Measure Quality?
      2. Defining Quality Measures for EHR Queries
      3. What Makes a Quality Measure Worth Measuring?
        1. Evidence-Based Clinical Practice Guidelines
      4. What Is the Connection Between Clinical Decision Support and Quality Measurement?
      5. What Is the Measure of a Measure?
        1. What Are the Types of Measures, and How Are They Different?
      6. What Are the Expectations for the EHR to Perform Measurement?
      7. What Changes Are Needed to Enable Electronic Clinical Quality Measures?
        1. Data Modeling: Example from the International Health Information Terminology Standards Development Organization
      8. How Are Value Sets Standardized?
      9. Moving Forward: Retooling vs. Creating Measures de Novo Based on Data in EHRs
      10. Chapter Review
        1. Questions
        2. Answers
        3. References
  14. Part V Optimizing Healthcare IT
    1. Chapter 23 Big Data and Data Analytics
      1. Innovation in Healthcare IT: The Creative Reconstruction of Health and Wellness
      2. Which Technologies Are Creating Big Opportunities for Innovation?
        1. How Do We Optimize the Human-Machine Interface?
        2. How Do We Accelerate Continuous Learning and Innovation?
      3. A Simple Taxonomy for Innovation
      4. The Different Communities Engaged in Healthcare Delivery
        1. Person-Centric Communities
        2. Professional Care-Delivery Teams
        3. Personal Caregiver Networks
      5. What Can the Impact of Innovations Be on the Future Technologies?
      6. Key Gaps and How Technology Can Help Close Them
        1. The Empathy Gap Is the Most Important Gap to Close
        2. Gap Between Evidence and Behavior for Disorders of Lifestyle
        3. Environmental Disruption Gap (Chemical, Thermal, Microbial)
        4. Learning/Education/Communication Gap
        5. AI/Robotics Robotics Gap
        6. Gap in Seamless and Reliable Human Data Entry
        7. Gap in Evidence-Based Virtual Care
        8. The Science vs. the Application of –omics (Genomics, Microbiomics, Proteomes, etc.) Gap
        9. Gap in Drones and Healthcare
        10. Gap in 3D Printing
        11. Gap in Chatbots, AI, Trust, and Health
        12. Gap in Transcranial Magnetic Stimulation and Health
        13. Gap in New Psychopharmacology Research and Previously Refractory Psychiatric States
        14. Gap in Harnessing Exponential Technology
      7. Chapter Review
        1. Questions
        2. Answers
        3. References
    2. Chapter 24 Innovations in Healthcare Impacting Healthcare Information Technology
      1. Innovations in Genetics/Genomics/Pharmacogenomics
        1. Genetics/Genomics Throughout the Healthcare Continuum
        2. New Major Sources of Evidence with a Focus on Pharmacogenomics
        3. The IT Volume Challenge of Monitoring Genetics/Genomics/Pharmacogenomics in Healthcare
      2. Innovations in Mobile Devices in Healthcare
        1. Wireless Communication Technologies and Standards
        2. Mobile Devices Connected to the Internet
        3. Mobile Device Security Protocols
        4. How Mobile Networks Are Being Used in Healthcare
        5. The Most Popular Mobile Health Apps
        6. Healthcare Professionals’ Use of Mobile Devices
        7. Major Barriers to Advancing Mobile Devices
        8. Steps to Institutionalizing Genomic and Mobile Technologies
        9. Innovative Institutions Pushing Advances in Genomics and Mobile Devices
        10. Nine Technologies for Future Innovation Using Devices
        11. Social Media Being Used in Healthcare
      3. Innovations in Telehealth
        1. Major Services of Telehealth
        2. Delivery Mechanisms Used for Telehealth
      4. Chapter Review
        1. Questions
        2. Answers
        3. References
  15. Part VI Making It All Secure: Healthcare IT Privacy, Security, and Confidentiality
    1. Chapter 25 Framework for Privacy, Security, and Confidentiality
      1. When Things Go Wrong
      2. HIT Trust Framework
        1. Layer 1: Risk Management
        2. Layer 2: Information Assurance Policy
        3. Layer 3: Physical Safeguards
        4. Layer 4: Operational Safeguards
        5. Layer 5: Architectural Safeguards
        6. Layer 6: Technology Safeguards
        7. Layer 7: Usability Features
      3. Chapter Review
        1. Questions
        2. Answers
        3. References
    2. Chapter 26 Risk Assessment and Management
      1. Definitions
      2. Risk Management in Healthcare IT
      3. The Risk-Management Process
        1. Risk Identification
        2. Risk Assessment
        3. Risk-Mitigation Planning
        4. Risk-Mitigation Tracking
        5. Documentation and Communication
      4. Domains of Risk Analysis
        1. Security Risk Analysis
        2. Application and Data Criticality Analysis
        3. Privacy Risk Analysis
        4. Safety Risk Assessment
      5. Chapter Review
        1. Questions
        2. Answers
        3. References
    3. Chapter 27 Physical Safeguards, Facility Security, Secure Systems and Networks, and Securing Electronic Media
      1. Physical Safeguard Requirements
      2. Locating Storage Devices, Network Hardware, Printers, and Other Devices
      3. Securely Handling Protected Health Information (PHI)
        1. Monitor Placement
        2. Privacy Screens
        3. Printer, Fax Machine, and Scanner Placement
        4. Screensavers
        5. Time Lockout
        6. Access to Servers, Offices, and Data Closets
        7. Access-Control Devices
      4. Building Secure Systems
        1. Office Hardware
        2. Locks
        3. Door Locks
        4. Environmental Controls
        5. Other Controls
      5. Securing and Preserving Electronic Media Storage Devices
        1. Flash Drives
        2. Personal Computers (PCs)
        3. Laptops
        4. Secure Digital (SD) Card
        5. External Drives
        6. Servers
        7. Network-Attached Storage (NAS)
        8. Storage Area Network (SAN)
      6. Encryption
        1. Symmetric Encryption
        2. Asymmetric or Public Key Infrastructure (PKI)
        3. TLS/SSL
        4. DES
        5. AES
        6. 3DES
        7. PGP
      7. Secure Disposal of Electronic Media
        1. Secure Shredding, Degaussing, and Sanitizing
        2. Determining the Level and Type of Destruction
      8. Chapter Review
        1. Questions
        2. Answers
        3. References
    4. Chapter 28 Healthcare Information Security: Operational Safeguards
      1. Operational Safeguards: A Component of Information Security
      2. Operational Safeguards in Healthcare Organizations
        1. Security Management Process
        2. Information Management Council
        3. Identity Management and Authorization
        4. Awareness and Training Programs
        5. Risk Assessment
        6. Software and System Development
        7. Configuration Management
        8. Consent Management
        9. System Activity Review
        10. Continuity of Operations
        11. Incident Procedures
        12. Sanctions
        13. Evaluation
        14. Business Associate Contracts
      3. Healthcare-Specific Implications on Operational Safeguards
        1. Networked Medical Devices
        2. Multiple-Tenant Virtual Environments
        3. Mobile Device Management
      4. Operational Safeguards in Emerging Healthcare Trends
        1. Healthcare in the Cloud
        2. International Privacy and Security Concerns
        3. Health Information Exchanges
        4. Workforce Information Security Competency
        5. Accountable-Care Organizations
        6. Meaningful Use Privacy and Security Measures
      5. Chapter Review
        1. Questions
        2. Answers
        3. References
    5. Chapter 29 Architectural Safeguards
      1. Reliability
        1. Relationship Between Reliability and Security
        2. Reliability Implications for Healthcare Systems
      2. Availability
        1. Availability as a Component of Data Security
      3. Maintainability
      4. Scalability
      5. Safety
        1. Considerations for Healthcare IT Systems
        2. Considerations for Medical Devices
      6. Considerations for Design of High-Reliability Healthcare Systems
        1. Fail-Safe Design
        2. Fault Tolerance
        3. Redundancy and Failover
        4. Simplicity
      7. Chapter Review
        1. Questions
        2. Answers
        3. References
    6. Chapter 30 Healthcare Cybersecurity Technology
      1. Healthcare Cybersecurity Threat
        1. Think Like a Bad Guy
        2. The Big Four: Cybercrime, Cyber Espionage, Hacktivism, and Advanced Persistent Threats
        3. Staying Abreast of the Threat
      2. Planning for Outcomes: Cybersecurity Frameworks and Standards
      3. Building a Secure Architecture
        1. Maintaining a Current Environment
        2. Managing Privileges
        3. Thwarting Cyber Exploitation
        4. Isolating Cyber Threats
        5. Detecting Cyber Intrusions
        6. Detecting Web-Based Threats
        7. Detecting the Unknown
        8. Addressing the Ubiquitous Threat of IoT
        9. Monitoring Activity
        10. Conducting Information Correlation and Analysis
      4. Looking for Vulnerabilities
        1. Vulnerability Testing
        2. Penetration Testing
        3. Red Teaming for Readiness
      5. Chapter Review
        1. Questions
        2. Answers
        3. References
    7. Chapter 31 Cybersecurity Considerations for Medical Devices
      1. Medical Device Cybersecurity and Cybersafety: An Introduction
      2. Medical Device Vulnerabilities and Risks: A Review
      3. Medical Device Regulation: Impact on Cybersecurity
        1. Regulatory Background
        2. Changes in the Regulatory Landscape
      4. Implementing Medical Device Cybersecurity
        1. A Shared Responsibility
        2. Risk Analysis, Assessment, and Management: Laying the Foundation
      5. Chapter Review
        1. Questions
        2. Answers
        3. References
  16. Part VII Appendixes
    1. Appendix A AHIMA CHTS Exams Domain Maps
      1. CHTS-CP: Clinician/Practitioner Consultant Examination
      2. CHTS-IM: Implementation Manager Examination
      3. CHTS-IS: Implementation Support Specialist Examination
      4. CHTS-PW: Practice Workflow & Information Management Redesign Specialist Examination
      5. CHTS-TR: Trainer Examination
      6. CHTS-TS: Technical/Software Support Staff Examination
    2. Appendix B HIMSS CAHIMS Exam Domain Map
    3. Appendix C About the Download
      1. System Requirements
      2. Installing and Running Total Tester Premium Practice Exam Software
      3. Total Tester Premium Practice Exam Software
      4. McGraw-Hill Education Media Center Download
      5. Glossary and Appendix
      6. Risk Register and Example Risk Map from Chapter 26
      7. Technical Support
    4. Appendix D Healthcare Professional and Workforce Roles
  17. Glossary
  18. Index