Share Email Print
cover

Proceedings Paper

HIPAA and information security risk: implementing an enterprise-wide risk management strategy
Author(s): Christopher J. Alberts; Audrey Dorofee
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 effectively establishes a standard of due care for healthcare information security. One of the challenges of implementing policies, procedures, and practices consistent with HIPAA requirements in the Department of Defense Military Health System is the need for a method that can tailor the requirements to a variety of organizational contexts. This paper will describe a self- directed information security risk evaluation that will enable military healthcare providers to assess their risks and to develop mitigation strategies consistent with HIPAA guidelines.

Paper Details

Date Published: 7 August 2001
PDF: 12 pages
Proc. SPIE 4323, Medical Imaging 2001: PACS and Integrated Medical Information Systems: Design and Evaluation, (7 August 2001); doi: 10.1117/12.435462
Show Author Affiliations
Christopher J. Alberts, Carnegie Mellon Univ. (United States)
Audrey Dorofee, Carnegie Mellon Univ. (United States)


Published in SPIE Proceedings Vol. 4323:
Medical Imaging 2001: PACS and Integrated Medical Information Systems: Design and Evaluation
Eliot L. Siegel; H. K. Huang, Editor(s)

© SPIE. Terms of Use
Back to Top