Capella University Security Compliance Tool HIPAA Security Standards Discussion
Capella University Security Compliance Tool HIPAA Security Standards Discussion
Capella University Security Compliance Tool HIPAA Security Standards Discussion
Question Description
Overview
In this assignment you will utilize an objective tool to assess third-party business associate compliance with HIPAA rules, such as PHI security. The tool is modeled after templates from federal healthcare regulatory agencies. By demonstrating the use of this tool, you will show your knowledge of the HIPAA rules covering the safeguards for Protected Health Information (PHI) and your competency in monitoring third-party compliance in healthcare information security.
Trust our nursing essay writing for guaranteed top grades. Don’t take chances with online services that write nursing papers and other assignments. We are specialists since we solely compose top-notch nursing papers online.
INSTRUCTIONS
Preparation: Download the Unit 8 HIPAA PHI Assessment Spreadsheet (in the Resources). Use the references provided in the Resources and any other research necessary to determine whether the safeguard steps in Column D should be labeled Required or Addressable.
Complete your assignment as follows:
Indicate on the spreadsheet whether the safeguard steps are required or addressable under HIPAA.
Write a 1-2 page (double-spaced) report summarizing the three categories of safeguards under the HIPAA, defining the terms Required and Addressable, and analyzing why some items are Required and others Addressable.
SUBMISSION REQUIREMENTS
Format: Include a title page and reference page. Insert your completed spreadsheet into a Word document with your paper for submission.
References: Cite all references in APA format.
Length: 4-5 total pages (the written part should be 1-2 double-spaced pages), not including title and reference pages.
references
https://www.hhs.gov/hipaa/for-professionals/faq/2020/what-is-the-difference-between-addressable-and-required-implementation-specifications/index.html
https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/protocol/index.html
GET PAPER HELP. PLACE AN ORDER FOR A CUSTOM-WRITTEN, PLAGIARISM-FREE PAPER Capella University Security Compliance Tool HIPAA Security Standards Discussion
Your nursing paper is in safe hands. Trust the experts for the best nursing papers.
attachment_1
Item HIPAA Citation “HIPAA Security Rule Standard
Implementation Specification” Implementation SECURITY STANDARDS: GENERAL RULES 1 164.306(a) Ensure Confidentiality, Integrity and Availability 2 164.306(b) Flexibility of Approach 3 164.306(c) Standards 4 164.306(d) Implementation Specifications 5 164.306(e) Maintenance ADMINISTRATIVE SAFEGUARDS 6 164.308(a)(1)(i) Security Management Process 7 164.308(a)(1)(ii)(A) Risk Analysis 8 164.308(a)(1)(ii)(B) Risk Management 9 164.308(a)(1)(ii)(C) Sanction Policy 10 164.308(a)(1)(ii)(D) Information System Activity Review 11 164.308(a)(2) Assigned Security Responsibility 12 164.308(a)(3)(i) Workforce Security 13 164.308(a)(3)(ii)(A) Authorization and/or Supervision 14 164.308(a)(3)(ii)(B) Workforce Clearance Procedure 15 164.308(a)(3)(ii)(C) Termination Procedures 16 164.308(a)(4)(i) Information Access Management 17 164.308(a)(4)(ii)(A) Isolation Health Clearinghouse Functions 18 164.308(a)(4)(ii)(B) Access Authorization 19 164.308(a)(4)(ii)(C) Access Establishment and Modification 20 164.308(a)(5)(i) Security Awareness Training 21 164.308(a)(5)(ii)(A) Security Reminders 22 164.308(a)(5)(ii)(B) Protection from Malicious Software 23 164.308(a)(5)(ii)(C) Log-in Monitoring 24 164.308(a)(5)(ii)(D) Password Management 25 164.308(a)(6)(i) Security Incident Procedures 26 164.308(a)(6)(ii) Response and Reporting 27 164.308(a)(7)(i) Contingency Plan 28 164.308(a)(7)(ii)(A) Data Backup Plan 29 164.308(a)(7)(ii)(B) Disaster Recovery Plan 30 164.308(a)(7)(ii)(C) Emergency Mode Operation Plan 31 164.308(a)(7)(ii)(D) Testing and Revision Procedures 32 164.308(a)(7)(ii)(E) Applications and Data Criticality Analysis 33 164.308(a)(8) Evaluation 34 164.308(b)(1) Business Associate Contracts and Other Arrangements 35 164.308(b)(4) Written Contract PHYSICAL SAFEGUARDS 36 164.310(a)(1) Facility Access Controls 37 164.310(a)(2)(i) Contingency Operations 38 164.310(a)(2)(ii) Facility Security Plan 39 164.310(a)(2)(iii) Access Control Validation Procedures 40 164.310(a)(2)(iv) Maintenance Records 41 164.310(b) Workstation Use 42 164.310(c) Workstation Security 43 164.310(d)(1) Device and Media Controls 44 164.310(d)(2)(i) Disposal 45 164.310(d)(2)(ii) Media Re-use 46 164.310(d)(2)(iii) Accountability 47 164.310(d)(2)(iv) Data Backup and Storage TECHNICAL SAFEGUARDS 48 164.312(a)(1) Access Control 49 164.312(a)(2)(i) Unique User Identification 50 164.312(a)(2)(ii) Emergency Access Procedure 51 164.312(a)(2)(iii) Automatic Logoff 52 164.312(a)(2)(iv) Encryption and Decryption 53 164.312(b) Audit Controls 54 164.312(c)(1) Integrity 55 164.312(c)(2) Mechanism to Authenticate Electronic Protected Health Information 56 164.312(d) Person or Entity Authentication 57 164.312(e)(1) Transmission Security 56 164.312(e)(2)(i) Integrity Controls 55 164.312(e)(2)(ii) Encryption ORGANIZATIONAL REQUIREMENTS 56 164.314(a)(1) Business Associate Contracts or Other Arrangements 57 164.314(a)(2) Business Associate Contracts 58 164.314(b)(1) Requirements for Group Health Plans 59 164.314(b)(2)(i) Implement Safeguards 60 164.314(b)(2)(ii) Ensure Adequate Separation 61 164.314(b)(2)(iii) Ensure Agents Safeguard 62 164.314(b)(2)(iv) Report Security Incidents 63 164.316(a) Policies and Procedures 64 164.316(b)(1) Documentation 65 164.316(b)(2)(i) Time Limit 66 164.316(b)(2)(ii) Availability 67 164.316(b)(2)(iii) Updates