I have attached my HIPAA reference links that I have collected over the past few years. It is current through September 1, 2004. These are my top 104 HIPAA bookmarks. Having information readily accessible and at your fingertips will help you save time when you have time to focus on HIPAA compliance. If you use my list, I recommend that you add any of your vendors' HIPAA-related sites and links to sites that provide notification of security vulnerabilities and available patches for your in-house technology.
Based on the traffic on many of the HIPAA-related listservs, here are some that may be of special interest right now:
http://www.dmh.mo.gov/oqm/regs/dors/ch8/index.htm
This is the Missouri Department of Mental Health's HIPAA Privacy and Security Policy. It covers remote access, laptops, PDAs, etc. It provides a good example of a general organization-wide policy approach with emphasis on privacy and process. Links for SANS and Georgetown University's HIPAA policies are also contained in the attached document.
DRAFT NIST SP 800-68 Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist is a recent addition to NIST publications. It may be downloaded from:
There is also a FAQ and the ability to sign up for e-mail notification of updates.
NIST Special Publication 800-68 has been created to assist IT professionals, in particular Windows XP system administrators and information security personnel, in effectively securing Windows XP systems. It discusses Windows XP and various application security settings in technical detail. The guide provides insight into the threats and security controls that are relevant for various operational environments, such as for a large enterprise or a home office. It also contains a nifty security checklist for all you Windows XP users!
Creating Policies and Procedures (P&P) for a compliance initiative is the first step in mitigating gaps identified in your baseline risk assessment. DRAFT NIST SP 800-53 Recommended Security Controls (link provided in attached document) provides very affordable (i.e. FREE) templates for P&P to address administrative, physical and technical security safeguards requirements of the HIPAA Security Rule.
If you aren't sure where to start (HINT: NIST recommends starting with defining the scope, developing a survey, conducting surveys to identify gaps, then mitigating through P&P, training, implementation and process integration, auditing, and monitoring) there is a very affordable (i.e. FREE) audio/video presentation that is web accessible 24/7 that walks you from "defining the scope" through monitoring and auditing. It spends about 30 minutes showing you how to use NIST SP 800-53 in your mitigation work plan development. Here is the link:
http://www102.placeware.com/cc/complyassistant/view?id=NZTQJ4
Requires Name, No password, then email address and Company Name. (1 hour 2 min).
For high-speed and broadband connections choose the 2nd file option. It is called "Microsoft Office Live Meeting Replay: Windows Media™ - formatted streamed audio & video". When the Windows Media window opens you can right-click on the window, then click on zoom, and then click on full screen.
For 56K modems, your bandwidth will not support video. You can choose the 1st file option. It is called "Basic recording with Windows Media™ formatted streamed audio". You can listen to the recording and refer to the URLs provided in the attachment and mentioned in the recording. This may not be very helpful. If you can get to a PC with high-speed internet access, I would recommend viewing it this way.
Have a safe Labor Day!
Barbara McGowin, CPC
Executive Recruiting
HIT Recruiting
(843) 824-8537
mcgowins@...
Connecting Healthcare Organizations with People,
Products and Services to Achieve HIPAA Compliance.