Information Security Policy Development for Compliance
by Barry L. Williams
April 2016
Content level: Intermediate to advanced
152 pages
4h 9m
English
Auerbach Publications
Content preview from Information Security Policy Development for Compliance
Appendix C: HIPAA Security Rule
Administrative Safeguards
164.308(a)(1)(i)
Security Management Process: Implement policies and procedures to
prevent, detect, contain, and correct security violations.
164.308(a)(1)(ii)(A)
Risk Analysis (R): Conduct an accurate and thorough assessment of
the potential risks and vulnerabilities to the confidentiality, integrity,
and availability of electronic protected health information held by the
covered entity.
164.308(a)(1)(ii)(B)
Risk Management (R): Implement security measures sufficient to
reduce risks and vulnerabilities to a reasonable and appropriate level
to comply with Section 164.306(a).
164.308(a)(1)(ii)(C)
Sanction Policy (R): Apply appropriate sanctions against workforce
members who fail to compl ...

Publisher Resources

ISBN: 9781466580589