Having problems with message search?
At the 16th CMS Implementation Roundtable it was announced that DRAFT NIST SP 800-66, "Introductory Resource Guide for
Implementing the HIPAA Security Rule" had been published. See:
Implementing the HIPAA Security Rule" had been published. See:
If you are going to be actively engaged in achieving HIPAA security compliance, you may just want to add the base page for DRAFT NIST special publications (http://csrc.nist.gov/publications/drafts.html) and final NIST special publications (http://csrc.nist.gov/publications/nistpubs/) to your list of internet HIPAA informational resources. NIST has been putting drafts out fast and furiously to meet the aggressive Federal mandate for information security and movement from draft to final occurs relatively quick. So no matter if a publication is in draft or final, you can find the publication from either the draft base page or the final base page.
Appendix A of the attached document has most of the urls for the NIST references listed in "Associating NIST Publications with HIPAA Security Requirements Standards" (pdf page 24-54/96). DRAFT NIST SP 800-66 also provides a sampling of survey questions for a risk assessment as well as examples of how NIST recommended security controls based on security categorization (DRAFT NIST SP 800-53) might be used.
The attached paper tells how NIST guidance might be integrated in to HIPAA security compliance. If you would like to SEE how to integrate NIST guidance in to HIPAA security compliance, I have put together an audio/video presentation (with a lot of help from a lot of great folks) titled "De-Mystify Security - NISTify IT!" It is free. It is available 24/7. It comes to your monitor so you won't need to guzzle gas. To access the presentation click on the link below:
http://www102.placeware.com/cc/complyassistant/view?id=NZTQJ4
Requires Name, No password, then email address and Company Name. (1 hour 2 min).
Requires Name, No password, then email address and Company Name. (1 hour 2 min).
For high-speed and broadband connections choose the 2nd file option. It is called "Microsoft Office Live Meeting Replay: Windows MediaTM - formatted streamed audio & video". When the windows media window opens you can right click on the window, then click on zoom, and then click on full screen.
For 56K modems, your bandwidth will not support video. Choose the 1st file option. It is called "Basic recording with Windows Media TM formatted streamed audio". You can listen to the recording and refer to the attached document for the urls mentioned in the recording and Appendix A also includes a screen shot of a security categorization.
For 56K modems, your bandwidth will not support video. Choose the 1st file option. It is called "Basic recording with Windows Media TM formatted streamed audio". You can listen to the recording and refer to the attached document for the urls mentioned in the recording and Appendix A also includes a screen shot of a security categorization.
Another note of interest from the CMS 16th HIPAA Implementation Roundtable is the affirmation by CMS that at some point, the transition period will end and that covered entities may establish a contingency independent of Medicare's contingency. I have attached a paper that provides the basic steps of a TCS compliance plan. David A. Feinberg, C.D.P., has made an audio/video presentation titled "HIPAA TCS - Become Compliant and Avoid Fines" that
- summarizes provider HIPAA TCS obligations
- describes current provider realities
- outlines a provider compliance technique
- describes current provider realities
- outlines a provider compliance technique
To access the presentation, click on the link below:
Requires Name, No password, then email address and Company Name. (48 minutes).
There are many good white papers and presentations that can be found at www.complyassistant.com concerning HIPAA privacy, security, and TCS compliance. White papers may be found in the left column of most web pages and presentations and PowerPoints may be accessed by selecting "Presentations" from the top horizontal menu bar.
Regards,
Barbara McGowin, CPC
Executive Recruiting
HIT Recruiting
(843) 824-8537
mcgowins@...
Connecting Healthcare Organizations with People,
Products and Services to Achieve HIPAA Compliance.
Executive Recruiting
HIT Recruiting
(843) 824-8537
mcgowins@...
Connecting Healthcare Organizations with People,
Products and Services to Achieve HIPAA Compliance.
Offline 
Send Email