EH-Net
1  Ethical Hacking Discussions and Related Certifications / Compliance, Regulations & Standards / Re: HIPAA: Security Risk Analysis Matrix on: July 06, 2010, 03:12:33 AM
Most of these are generic Information Technology Risk Assessment documents. If you need a good resource for the HIPAA Security Risk Analysis which includes assessment for Administrative safeguards, Physical safeguards and Technical safeguards, then check this: http://www.training-hipaa.net/template_suite/HIPAA_security_risk_assessment_analysis_template_tools.htm

Normally companies charge anywhere between 10K to 20K for doing this type of assessment. I would recommend that before you start the assessment you go through comprehensive training like Certified HIPAA Privacy Security Expert (CHPSE), as it looks like you are very much involved in your HIPAA compliance. Comprehensive training will help you understand what you need, why you need it, etc. After having a clear understanding of the HIPAA regulation, it is easy to do the risk assessment.

The network vulnerability assessment (pen testing) is something that you will have to do on your own.


2  Ethical Hacking Discussions and Related Certifications / Compliance, Regulations & Standards / Re: HIPAA Security Training on: July 06, 2010, 03:00:24 AM
HIPAA requires employees to be trained based on their job role, even if your employee is a temporary employee. Based on the job role of the person, you will ask them to take the necessary training. If you want them to take the basic training, you can ask them to do the Certified HIPAA Privacy Associate (CHPA) training http://hipaatraining.net/hipaa-certification/certified-hipaa-privacy-associate-chpa.htm which includes a HIPAA security overview. If you want them to have comprehensive HIPAA security training, then you want them to go through the Certified HIPAA Security Expert (CHSE) http://hipaatraining.net/hipaa-certification/certified-hipaa-Security-Expert-chse.htm

All consultants or companies providing temp staff are business associates of the covered entity. All BAs have to comply with the HIPAA regulation. If you have a temporary employee, they are still part of your organization and your organization will be responsible if there is a HIPAA violation caused due to their action. The key is that the person has to be trained based on their job role.

If you are a covered entity, download this questionnaire on the HIPAA compliance status of the business associates. This helps you to ensure that the BA meets the HIPAA standards. http://www.compliancehome.com/whitepapers/HIPAA/abstract11982.html

Feel free to ask if you have any other questions.
© 2013 The Ethical Hacker Network