How do I know whether my security incident-response procedures will work?
HIPAA Weekly Advisor, December 20, 2004
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
In short, you don't know until you either test them or have to use them during a real-world security incident. Make sure you do the former before the latter occurs.
When testing, it's best not to do anything that will crash any systems or otherwise put PHI at risk. If anything, perform simulation tests to see how people will respond, how you will move through the procedures, and how you will recover.
Editor's note: This question was answered by Kevin Beaver, CISSP. This is not legal advice. Consult with your facility's legal counsel for legal matters.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- HIPAA Q&A: Flu shot requirement for hospital employees
- Running an effective peer review committee meeting
- HealthDataInsights posts new issues for medical necessity claims
- Sneak Peek: Effort underway to establish caseload benchmarks
- Q/A: Coding for telescopic intraocular lens
- New FAQ posted on storing laryngoscope blades
- Tip: Perform your own internal investigation prior to government audit
- HIPAA 5010 deadline extended, but threat remains, says AMA
- HHS task force: Consider privacy, security with text messages
- What does case-mix index mean to you?
- E-mailed
-
- Running an effective peer review committee meeting
- HIPAA Q&A: Flu shot requirement for hospital employees
- HHS task force: Consider privacy, security with text messages
- What does case-mix index mean to you?
- Q/A: Coding for telescopic intraocular lens
- Q/A: Correct use of modifier -PT
- Tip: Correctly code bilateral pain management procedures
- "Wall fountains" may be spreading Legionnaires to patients, visitors
- 2012 CPT code changes for ASCs: Shoulder and knee scopes and pain management
- Case Management Monthly, March 2012
- Searched