Table of Contents
Chapter 2: Healthcare Industry
The National Provider Identifier (NPI)
Electronic Data Interchange (EDI)
Health Information Technology (HIT)
Systematized Nomenclature of Medicine (SNOMED) – Clinical Terms (CT)
HIPAA transaction and code sets
National Uniform Billing Committee (NUBC)
Authorization and informed consent
Understanding external third-party relationships
Information flow and life cycle in the healthcare environments
Healthcare Provider Taxonomy Codes
Data interoperability and exchange
Integrating the Healthcare Enterprise
Health Level Seven International
Digital Imaging and Communications in Medicine (DICOM)
Chapter 3: Regulatory Environment
Legal issues that pertain to information security and privacy for healthcare organizations
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Select elements and definitions
The American Recovery and Reinvestment Act (ARRA) of 2009
A culture of privacy and security
Organizational-level privacy and security requirements
Monitoring PHI information flows
Data Use and Reciprocal Support Agreement (DURSA)
Legislative and regulatory updates
Policies, procedures, standards, and guidelines
Common security and privacy compliance frameworks
National Institute of Standards and Technology (NIST)
NIST Interagency Reports (IRs)
Common criteria–certified product categories
The Information Governance (IG) Toolkit
Generally Accepted Privacy Principles (GAPP)
Health Information Trust Alliance (HITRUST)
SANS critical security controls
Control variance documentation
Chapter 4: Privacy and Security in Healthcare
Relationship between privacy and security
The disparate nature of sensitive data and handling implications
Chapter 5: Information Governance and Risk Management
Understanding security and privacy governance
Understanding risk management methodology
Information risk management life cycle and activities
Chapter 6: Information Risk Assessment
Chapter 7: Third-Party Risk Management
Management standards and practices
Incident notification and response