Hello, everyone. The healthcare facility that I work at is looking for IT audit ideas, as well as ways that you are able to get your IT department on board with your audit plan. We constantly receive pushback when we start our audit engagements. We are try...
Colleenw | 5/8/2013 8:53:35 AM | COMMENTS(3)
|
I was looking at focusing on some key issues in IT use in Healthcare.
Top of the mind four areas - Mobile based Health Solutions
Electronic Health Records
Tele-medicine, and
Health / Clinical Analytics
In all the four areas technology has advance...
|
Hello,
Dharamjeet, Khenkell, Patrick, Stefanie, Lex, Moni, Kannan, Alessandro, Devesh and Marc!
Welcome to the Healthcare Topic Community.
Please feel free to add me as a colleague. Do feel free to contribute to the topic, you can start a discus...
|
Does anyone have a crosswalk between COBIT 5 and the OCR audit protocols?
Lisa850 | 4/21/2013 3:35:55 AM | COMMENTS(1)
|
Attend the 2013 HIPAA Final Rule Update Webinar to Understand the NEW HIPAA Regulatory Requirements and its impact on companies that work in or with healthcare entities; Preparing for a HIPAA Audit and OCR Audit Findings.
2013 HIPAA FINAL RULE UP...
Chad_SDS | 2/21/2013 7:26:46 AM | COMMENTS(1)
|
I'm curious if those of you in Healthcare are interested in a shared vendor assessment model. The basic concept follows.
1. Vendors sign-up and complete an assessment against a common control set centrally stored within a "registry" system.
2. Clien...
Chad_SDS | 2/21/2013 7:23:22 AM | COMMENTS(1)
|
The presentation was delivered at the ISRM / IT GRC Conference November 15 in Las Vegas. This presentation addressed the following points.
· Recognize the importance of Personal Health Information (PHI/PII) inventory and life cycle management for IT personnel;
· Learn about your conflicting regulatory obligations for breach incident response;
· Understand the steps for effective incident response and compliance management;
· Learn about metrics to measure your compliance performance and return on investment;
· Build a case to establish a sustainable audit response process;
· Communicate to management and peers the importance of department partnerships to achieve unified goals
|
Posted by ISACA 216 days ago
|
Books
Posted by ISACA 277 days ago
|
Books
This publication explains the latest threats along with detailed fixes, best practices and "from the headlines" case studies.
Posted by ISACA 321 days ago
|
Books
Posted by ISACA 469 days ago
|
Books
Posted by ISACA 537 days ago
|
20 Aug 2012
ISACA International Event
NEW YORK, NY, USA
|
Volume 3, 2013
by Santhosh Patil
Health care spending is a key component of any industrialized nation’s economy.
|
Volume 5, 2011
by Haris Hamidovic, CIA, ISMS IA, ITIL-F, IT Project+ and Jasmina Kabil
The main objective of this article is to provide an introduction to the key elements of information security management in health care using ISO 27799:2008.
|
Volume 5, 2010
by Christopher P. Buse, CISA, CISSP, CPA, Larry Marks, CISA, CGEIT, CFE, CISSP, PMP and Steve Sizemore, CISA, CGAP, CIA
This article discusses the US Department of Health and Human Services Health Breach Notification Rule: Final Rule.
|
Volume 5, 2010
by Stephen Gantz, CGEIT, CEH, CIPP/G, CISSP-ISSAP
This article focuses on the privacy and security aspects of the HITECH Act portion of the US American Recovery and Reinvestment Act, EHR certification criteria, and standards included in meaningful use.
|
Volume 4, 2010
by Christopher P. Buse, CISA, CISSP, CPA, Larry Marks, CISA, CGEIT, CFE, CISSP, PMP, and Steve Sizemore, CISA, CGAP, CIA
This article will briefly describe the HITECH Act and its impact on IT professionals.
|
Volume 2, 2007
by Michael Martel, CISSP, CPP
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
10 companies who are transforming the healthcare world
|
Effectively address risks using the 4 P's: Prediction, Persistence, Patience, Preparedness.
|
SOX, GLBA and HIPAA share a common regulatory compliance thread - the need to use automation to ensure continuous compliance with required IT controls. View this webcast for an overview of each regulation. Also, gain an understanding of the capabilities an organization must have in place to address these requirements.
Contributed by ISACA on 29 May 2010
|
The Federal Trade Commission's recent case against CVS Caremark Corp.'s allegedly cavalier handling of sensitive personal medical information rested on the pharmacy chain's boastful claims to the contrary. For hospitals and other health organizations, the case holds a wealth of lessons and unleashes a posse of new enforcers in the fight to protect medical information.
Contributed by ISACA on 29 May 2010
|
The challenge of complying with a growing number of frequently changing government, industry and internal regulations designed to protect data is becoming harder and more expensive to manage. This paper outlines the rules, looks at the main threats to security compliance and highlights how a well-defined strategy, backed up by powerful technology can provide the solution.
Contributed by ISACA on 29 May 2010
|
Every CIO needs to know whether an enterprise can enter the cloud and remain both secure and compliant within regulatory restrictions.
Contributed by ISACA on 29 May 2010
|
HIPAA has been an emerging risk area for my organization over the past year. What's interesting is that HIPAA is not new. In fact, it's been around since the early 2000's; however, it never had "teeth" so to speak. With the passage of ARRA (the stimulu...
Posted By : Matthew Edman | 1 comments