HIPAA Privacy and Security Standards: A Gap Analysis for the Compliance Challenge at the Northern Arizona VA Health Care System (NAVAHCS)

Abstract

There is a difficult and notable challenge facing the healthcare industry in the United States that will profoundly change the way business is conducted. Congress recognized the need for national patient record privacy standards in 1996 when it enacted the Health Insurance Portability and Accountability Act (HIPAA). The law required new safeguards to protect the security and confidentiality of personal health information and mandated implementation within a strict timetable. Industry experts and professionals who have been working on the privacy and proposed security standards say that covered entities need to begin the process of inventorying their organization immediately. The purpose of this project is twofold: (a) to conduct a baseline assessment inventory on the current environment of NAVAHCS policies, processes, and technology with respect to the HIPAA privacy and security standards and (b) to use the information gathered from the baseline assessment to conduct a gap analysis to determine vulnerabilities and enable NAVAHCS to identify necessary process changes and system remediations.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 07, 2002
Accession Number
ADA421231

Entities

People

  • Sharon M. Millican

Tags

Communities of Interest

  • Cyber
  • Human Systems
  • Space

DTIC Thesaurus Topics

  • Business Administration
  • Civil Rights
  • Commerce
  • Computer Access Control
  • Computers
  • Congress
  • Cybersecurity
  • Electronic Mail
  • Employment
  • Health Care
  • Health Services
  • Information Security
  • Information Systems
  • Law
  • Medical Personnel
  • Organizational Structure
  • Personnel Management

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management
  • Medical or Health Care Field.