Risk_Management - HEALTH AFFAIRS TRICARE Management...

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
HIPAA RISK MANAGEMENT ACTIVITIES Version 2.0 TMA Privacy Office HEALTH AFFAIRS TRICARE Management Activity This document contains proprietary information and will be handled within Government regulations. It is intended solely for the use and information of the Military Health System.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 • Information Security Concepts • Risk Assessment • Risk Mitigation • Risk Monitoring Risk Management HIPAA Risk Management Activities Agenda
Background image of page 2
3 After completing this course, you should be able to: Define basic information security concepts Describe the elements of the risk management process Identify the risk management activities of the HIPAA Security Rule Describe how OCTAVE and HIPAA BASICS support HIPAA compliance HIPAA Risk Management HIPAA Risk Management Activities Objectives
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 HIPAA Implementation Life Cycle
Background image of page 4
Information Security Concepts
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 • After completing this module, you should be able to: – Define terminology and basic concepts of information security – Identify the federal regulatory aspects of information security including laws and guidance Information Security Concepts Information Security Concepts Objectives
Background image of page 6
7 Information security is achieved through an integrated system of policies , procedures , products , and people that identify , control , and protect information by an information protection strategy that is authorized by management and integral to good business practice. Information Security Concepts Information Security
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 • Federal laws and regulations require agencies to be accountable for results, and provide security for information and assets Health Insurance Portability and Accountability Act (HIPAA) of 1996 Office of Management and Budget (OMB) Circular A-123 Computer Security Act of 1987 OMB Circular A-130, Appendix III Federal Information Security Management Act (FISMA) Federal Managers Financial Integrity Act of 1982 (FMFIA) Government Performance and Results Act (GPRA ) Information Security Concepts Legislative Requirements
Background image of page 8
9 Federal laws and regulations require agencies to be accountable for results, and provide security for information and assets DoD 5000.1-D, Defense Acquisitions DoD 5000.2-R, Mandatory Procedures for MDAS & MAIS Acquisition DoD 5160.54-D, Critical Asset Assurance Program DoD 5200.2-D, Personnel Security Program DoD 5200.2-R, Personnel Security Program DoD 5200.40-I, DITSCAP DoD 5200.8-D, Security of DoD Installations & Resources DoD 5200.8-R, Physical Security Program DoD 5215.2-I, Computer Security Technical Vulnerabilities Reporting Program DoD 6510.18-R, DoD Health Information Privacy DoD 8000.1-D, Defense Information Management Program Information Security Concepts DoD Requirements
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 • Federal laws and regulations require agencies to be accountable for results, and provide security for information and assets DoD 8000.1-D, Defense Information Management Program DoD 8500.1-D, Information Assurance DoD 8500.2-I, Information Assurance Implementation DoD 8510.1-M, DITSCAP • Service-specific regulations Information Security Concepts DoD Requirements
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/14/2011 for the course COMP 6370 taught by Professor Staff during the Fall '08 term at Auburn University.

Page1 / 142

Risk_Management - HEALTH AFFAIRS TRICARE Management...

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online