7 August 2001 HIPAA and information security risk: implementing an enterprise-wide risk management strategy
Author Affiliations +
Abstract
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 effectively establishes a standard of due care for healthcare information security. One of the challenges of implementing policies, procedures, and practices consistent with HIPAA requirements in the Department of Defense Military Health System is the need for a method that can tailor the requirements to a variety of organizational contexts. This paper will describe a self- directed information security risk evaluation that will enable military healthcare providers to assess their risks and to develop mitigation strategies consistent with HIPAA guidelines.
© (2001) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Christopher J. Alberts, Audrey Dorofee, "HIPAA and information security risk: implementing an enterprise-wide risk management strategy", Proc. SPIE 4323, Medical Imaging 2001: PACS and Integrated Medical Information Systems: Design and Evaluation, (7 August 2001); doi: 10.1117/12.435462; https://doi.org/10.1117/12.435462
PROCEEDINGS
12 PAGES


SHARE
Back to Top