The Practical Guide to HIPAA Privacy and Security Compliance Hardcover – November 24, 2003

ISBN-13: 978-0849319532 ISBN-10: 0849319536 Edition: 1st


Product Details

  • Hardcover: 496 pages
  • Publisher: Auerbach Publications; 1 edition (November 24, 2003)
  • Language: English
  • ISBN-10: 0849319536
  • ISBN-13: 978-0849319532
  • Product Dimensions: 1.3 x 6.1 x 9.4 inches
  • Shipping Weight: 1.8 pounds
  • Average Customer Review: 4.4 out of 5 stars (9 customer reviews)
  • Amazon Best Sellers Rank: #778,694 in Books

Editorial Reviews


The book's main strength is its abundant and varied content. It thoroughly describes the main provisions of HIPAA's security and privacy requirements using actual language from the legislation interspersed with the authors' commentary. This format…helpfully guides readers through the labyrinthine HIPAA requirements.
Scott Forbes, Microsoft

Rebecca and Kevin have compiled a wealth of knowledge in an easy-to-read, conversational style. This book is packed with useful facts and practical tips that grabs and keeps your attention as though you are listening to the authors in your own living room. The astute reader will keep a pad of paper and a pile of 'sticky notes' handy. You will no doubt come back to this valuable resource over and over again!
Michael J. Corby, CCP, CISSP, President and CEO, M. Corby & Associates, Inc.

This is a very comprehensive view of HIPAA privacy and security compliance which provides a pragmatic, step by step methodology for understanding and complying with the regulation. The practical checklists, the quizzes which can be used in HIPAA awareness programs, and the pointers to valuable resources are all added benefits.
Micki Krause, CISSP, Chief Information Security Officer, Pacific Life Insurance

About the Author

Kevin Beaver is an independent information security consultant, writer, professional speaker, and expert witness with Atlanta, Georgia based Principle Logic, LLC. He has worked in IT since 1989 and specializes in performing information security assessments for corporations, security product vendors, independent software developers, universities, government agencies, and nonprofit organizations. Before starting his information security consulting practice in 2001, Kevin served in various information technology and security roles for several health care, e-commerce, financial, and educational institutions.

Kevin has appeared on CNN as an information security expert and has been quoted in The Wall Street Journal, Entrepreneur, Fortune Small Business, Men’s Health, Women’s Health, Woman’s Day, and Inc. Magazine. His work has also been referenced by the PCI Security Standards Council in their PCI DSS Wireless Guidelines. He has given and participated in hundreds of highly rated presentations, panel discussions, seminars, and webcasts on information security and compliance.

Kevin has authored or coauthored 11 information security books, including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well as Implementation Strategies for Fulfilling and Maintaining IT Compliance (Realtimepublishers.com). He has written dozens of whitepapers and hundreds of articles and guest blog posts, and he is a regular contributor to SearchSecurity.com, SearchEnterpriseDesktop.com, SearchWindowsServer.com, and Security Technology Executive magazine.

Kevin is the creator and producer of the Security On Wheels audiobooks, which provide security learning for IT professionals on the go (http://www.securityonwheels.com) and its associated blog (http://www.securityonwheels.com/blog). He also covers information security and related matters on Twitter (@kevinbeaver) and YouTube (PrincipleLogic). He earned his bachelor’s degree in computer engineering technology from Southern College of Technology and his master’s degree in management of technology from Georgia Tech. He obtained his CISSP certification in 2001 and also holds MCSE, Master CNE, and IT Project+ certifications.

Kevin can be reached through his website (http://www.principlelogic.com) and invites you to connect to him via LinkedIn (http://www.linkedin.com/in/kevinbeaver).

Rebecca Herold has over 25 years of information privacy, security, and compliance expertise. She is CEO of Privacy Professor® and is a partner for Compliance Helper®. She has led the NIST SGIP Smart Grid Privacy Subgroup since June 2009. She has been an adjunct professor for the Norwich University Master of Science in Information Security and Assurance (MSISA) program since 2005. She has written 17 books and hundreds of published articles. She has been invited to speak at a wide variety of events throughout the United States, and in other worldwide locations such as Melbourne, Australia; Bogotá, Colombia; and Naas, County Kildare, Ireland.

Rebecca is widely recognized and respected, and has been providing information privacy, security, and compliance services, tools, and products to organizations in an extensive range of industries for over two decades. Just a few of her awards and recognitions include the following:

  • Rebecca was ranked #2 in the "Top 25 Female Infosec Leaders to Follow on Twitter" in 2014 by Information Security Buzz.
  • Rebecca was named to the ISACA International Privacy Task Force in 2013.
  • Rebecca was named on Tripwire’s list of "InfoSec’s Rising Stars and Hidden Gems: The Top 15 Educators" in July 2013.
  • Rebecca was ranked #5 in the "Top 25 Female Infosec Leaders to Follow on Twitter" in 2013 by Information Security Buzz.
  • Rebecca has been named one of the "Best Privacy Advisers in the World" multiple times in recent years by Computerworld magazine, most recently ranking third in the world in the last rankings provided.
  • In 2012, Rebecca was named one of the most influential people and groups in online privacy by Techopedia.com.
  • In 2012, Rebecca was named a Privacy by Design Ambassador by the Ontario, Canada Data Privacy Commissioner.

Rebecca is a partner for the Compliance Helper services for health-care organizations and their business associates to meet their HIPAA, HITECH, and other legal requirements. She is a member of the IAPP Certification Advisory Board, and is an instructor for the IAPP’s CIPM, CIPP/IT, CIPP/US, and CIPP foundations classes.

Rebecca currently serves on multiple advisory boards for security, privacy, and high-tech technology organizations. She is frequently interviewed and quoted in diverse broadcasts and publications such as IAPP Privacy Advisor, BNA Privacy & Security Law Report, Wired, Popular Science, Computerworld, IEEE’s Security and Privacy Journal, NPR, and many others. She regularly appears on the Des Moines, Iowa-based Great Day morning television program on KCWI to discuss and provide advice for information security and privacy topics.

Rebecca was born and raised in Missouri and has degrees in math, computer science, and education. She has lived in Iowa on a farm with her family for the past couple of decades, where they raise corn, soy beans, and sunflowers, and make hay. They are currently renovating a house that is over 100 years old. See more about Rebecca, her work, services, and products at:

  • The Privacy Professor (http://www.privacyguidance.com and http://www.privacyprofessor.org)
  • Co-Owner, CPO, and CISO, SIMBUS (http://www.hipaacompliance.org)
  • Partner, Compliance Helper (http://www.compliancehelper.com)
  • Adjunct Professor for the Norwich University Master of Science in Information Security and Assurance (MSISA) program (http://infoassurance.norwich.edu/)
  • Twitter ID: PrivacyProf (http://twitter.com/PrivacyProf)


--This text refers to an alternate Hardcover edition.

Customer Reviews

Most Helpful Customer Reviews

22 of 23 people found the following review helpful By todd J Fitzgerald CISSP CISA CISM on June 1, 2004
Format: Hardcover
Rebecca and Kevin have created an excellent resource for HIPAA Security Practitioners. They provide practical guidance for interpreting the HIPAA security rule, in terms that the non-security professional can understand. Especially of value are the ideas on how to "implement" the security rule, broken down by the relevant HIPAA security standard. I agree with the practical approach that they take within the book, as it is consistent with the HIPAA message that I have also been communicating over the past several years. There are also useful lists of items needed to maintain security compliance after implementation. This is a good book for the novice and experienced privacy/security professional. It is nice to see that someone has compiled this much useful information into one book. Nice job! This is a must have book if you are a Security or Privacy Officer.
8 of 8 people found the following review helpful By "jiorlove" on January 5, 2004
Format: Hardcover
I found the book to be straightforward and easy to follow. I have been in the security business for many years and I am now finding it necessary to work on projects revolving around HIPAA. This book navigates the jargon in clear and easy to understand text. The examples and plain discussion around each rule clarified many questions that I had problems answering from my other security associates. There is some bad information floating around the industry and this book was accurate and applicable to today's requirements. The time spent reading this book was an excellent use of my resources, not only the HIPAA aspects, but also for the security insight on issues around privacy and information protection. This was just what I needed to complete some of my pending projects and I would highly recommend it to any security manager or consultants who need a deeper understanding of the current HIPAA security rule.
9 of 10 people found the following review helpful By Barry Fergus Jones on July 29, 2004
Format: Hardcover
This is the best single reference that I've seen on the subject. Kevin and Rebecca have assembled a guide that is eminently practical, superbly organized, and tremendously helpful. I reach for it every time I have a question on HIPAA. In fact, it's the only HIPAA reference I've used since I got it.
10 of 12 people found the following review helpful By Ben Rothke on January 20, 2004
Format: Hardcover
'The Practical Guide to HIPAA Privacy and Security Compliance' is an excellent reference for anyone needing to come up to speed with HIPAA, or wanting a single-source HIPAA handbook. It is written in a clear, easy to understand style.
In six sections (comprising 25 chapters), the book provides you with just about everything you need to know about HIPAA from a security and privacy perspective. It is focused on a real-world approach to HIPAA compliance, and each chapter ends with a practical checklist.
HIPAA can be so overwhelming with its requirements that many people do not know where to start on their road to HIPAA compliance. The book shows what one can do, what the requirements are, and how they can be achieved and maintained in a step-by-step manner.
Appendix A contains 4 different case studies that give the reader different approaches to HIPAA, from the perspective of different HIPAA covered entities.
Appendix B contains nearly 20 pages of Sample Documents. It is hoped that the authors will place these documents on the book's web site.
Appendix C is a good list of various HIPAA resources (software, consulting firms, etc).
Appendix D is a quiz about various HIPAA concepts.
Overall, 'The Practical Guide to HIPAA Privacy and Security Compliance' is a very readable, practical and user-friendly guide for getting a handle on the abstract HIPAA requirements.
4 of 4 people found the following review helpful By Christopher Grillo on May 19, 2004
Format: Hardcover
As the title states, the book provides a very practical guide to HIPAA Privacy and Security. I used this book as a key reference to understanding the HIPAA privacy and security rule and in building a comprehensive roadmap (project plan) for compliance -- nicely done!
I strongly recommend the book to all Security Professionals that are working to build an environment based on standards of good practice -- including HIPAA compliance.