The Practical Guide to HIPAA Privacy and Security Compliance 1st Edition

4.2 out of 5 stars 18 customer reviews
ISBN-13: 978-0849319532
ISBN-10: 0849319536

There is a newer edition of this item:


Editorial Reviews

Review

The book's main strength is its abundant and varied content. It thoroughly describes the main provisions of HIPAA's security and privacy requirements using actual language from the legislation interspersed with the authors' commentary. This format…helpfully guides readers through the labyrinthine HIPAA requirements.
Scott Forbes, Microsoft

Rebecca and Kevin have compiled a wealth of knowledge in an easy-to-read, conversational style. This book is packed with useful facts and practical tips that grabs and keeps your attention as though you are listening to the authors in your own living room. The astute reader will keep a pad of paper and a pile of 'sticky notes' handy. You will no doubt come back to this valuable resource over and over again!
Michael J. Corby, CCP, CISSP, President and CEO, M. Corby & Associates, Inc.

This is a very comprehensive view of HIPAA privacy and security compliance which provides a pragmatic, step by step methodology for understanding and complying with the regulation. The practical checklists, the quizzes which can be used in HIPAA awareness programs, and the pointers to valuable resources are all added benefits.
Micki Krause, CISSP, Chief Information Security Officer, Pacific Life Insurance

About the Author

Kevin Beaver is an independent information security consultant, writer, professional speaker, and expert witness with Atlanta, Georgia based Principle Logic, LLC. He has worked in IT since 1989 and specializes in performing information security assessments for corporations, security product vendors, independent software developers, universities, government agencies, and nonprofit organizations. Before starting his information security consulting practice in 2001, Kevin served in various information technology and security roles for several health care, e-commerce, financial, and educational institutions.

Kevin has appeared on CNN as an information security expert and has been quoted in The Wall Street Journal, Entrepreneur, Fortune Small Business, Men’s Health, Women’s Health, Woman’s Day, and Inc. Magazine. His work has also been referenced by the PCI Security Standards Council in their PCI DSS Wireless Guidelines. He has given and participated in hundreds of highly rated presentations, panel discussions, seminars, and webcasts on information security and compliance.

Kevin has authored or coauthored 11 information security books, including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well as Implementation Strategies for Fulfilling and Maintaining IT Compliance (Realtimepublishers.com). He has written dozens of whitepapers and hundreds of articles and guest blog posts, and he is a regular contributor to SearchSecurity.com, SearchEnterpriseDesktop.com, SearchWindowsServer.com, and Security Technology Executive magazine.

Kevin is the creator and producer of the Security On Wheels audiobooks, which provide security learning for IT professionals on the go (http://www.securityonwheels.com) and its associated blog (http://www.securityonwheels.com/blog). He also covers information security and related matters on Twitter (@kevinbeaver) and YouTube (PrincipleLogic). He earned his bachelor’s degree in computer engineering technology from Southern College of Technology and his master’s degree in management of technology from Georgia Tech. He obtained his CISSP certification in 2001 and also holds MCSE, Master CNE, and IT Project+ certifications.

Kevin can be reached through his website (http://www.principlelogic.com) and invites you to connect to him via LinkedIn (http://www.linkedin.com/in/kevinbeaver).

Rebecca Herold has over 25 years of information privacy, security, and compliance expertise. She is CEO of Privacy Professor® and is a partner for Compliance Helper®. She has led the NIST SGIP Smart Grid Privacy Subgroup since June 2009. She has been an adjunct professor for the Norwich University Master of Science in Information Security and Assurance (MSISA) program since 2005. She has written 17 books and hundreds of published articles. She has been invited to speak at a wide variety of events throughout the United States, and in other worldwide locations such as Melbourne, Australia; Bogotá, Colombia; and Naas, County Kildare, Ireland.

Rebecca is widely recognized and respected, and has been providing information privacy, security, and compliance services, tools, and products to organizations in an extensive range of industries for over two decades. Just a few of her awards and recognitions include the following:

  • Rebecca was ranked #2 in the "Top 25 Female Infosec Leaders to Follow on Twitter" in 2014 by Information Security Buzz.
  • Rebecca was named to the ISACA International Privacy Task Force in 2013.
  • Rebecca was named on Tripwire’s list of "InfoSec’s Rising Stars and Hidden Gems: The Top 15 Educators" in July 2013.
  • Rebecca was ranked #5 in the "Top 25 Female Infosec Leaders to Follow on Twitter" in 2013 by Information Security Buzz.
  • Rebecca has been named one of the "Best Privacy Advisers in the World" multiple times in recent years by Computerworld magazine, most recently ranking third in the world in the last rankings provided.
  • In 2012, Rebecca was named one of the most influential people and groups in online privacy by Techopedia.com.
  • In 2012, Rebecca was named a Privacy by Design Ambassador by the Ontario, Canada Data Privacy Commissioner.

Rebecca is a partner for the Compliance Helper services for health-care organizations and their business associates to meet their HIPAA, HITECH, and other legal requirements. She is a member of the IAPP Certification Advisory Board, and is an instructor for the IAPP’s CIPM, CIPP/IT, CIPP/US, and CIPP foundations classes.

Rebecca currently serves on multiple advisory boards for security, privacy, and high-tech technology organizations. She is frequently interviewed and quoted in diverse broadcasts and publications such as IAPP Privacy Advisor, BNA Privacy & Security Law Report, Wired, Popular Science, Computerworld, IEEE’s Security and Privacy Journal, NPR, and many others. She regularly appears on the Des Moines, Iowa-based Great Day morning television program on KCWI to discuss and provide advice for information security and privacy topics.

Rebecca was born and raised in Missouri and has degrees in math, computer science, and education. She has lived in Iowa on a farm with her family for the past couple of decades, where they raise corn, soy beans, and sunflowers, and make hay. They are currently renovating a house that is over 100 years old. See more about Rebecca, her work, services, and products at:

  • The Privacy Professor (http://www.privacyguidance.com and http://www.privacyprofessor.org)
  • Co-Owner, CPO, and CISO, SIMBUS (http://www.hipaacompliance.org)
  • Partner, Compliance Helper (http://www.compliancehelper.com)
  • Adjunct Professor for the Norwich University Master of Science in Information Security and Assurance (MSISA) program (http://infoassurance.norwich.edu/)
  • Twitter ID: PrivacyProf (http://twitter.com/PrivacyProf)

 

--This text refers to the Paperback edition.

Product Details

  • Hardcover: 496 pages
  • Publisher: Auerbach Publications; 1 edition (November 24, 2003)
  • Language: English
  • ISBN-10: 0849319536
  • ISBN-13: 978-0849319532
  • Product Dimensions: 9.5 x 6.2 x 1.3 inches
  • Shipping Weight: 1.8 pounds
  • Average Customer Review: 4.2 out of 5 stars (18 customer reviews)
  • Amazon Best Sellers Rank: #1,701,939 in Books

Customer Reviews

Top Customer Reviews

Format: Hardcover
Rebecca and Kevin have created an excellent resource for HIPAA Security Practitioners. They provide practical guidance for interpreting the HIPAA security rule, in terms that the non-security professional can understand. Especially of value are the ideas on how to "implement" the security rule, broken down by the relevant HIPAA security standard. I agree with the practical approach that they take within the book, as it is consistent with the HIPAA message that I have also been communicating over the past several years. There are also useful lists of items needed to maintain security compliance after implementation. This is a good book for the novice and experienced privacy/security professional. It is nice to see that someone has compiled this much useful information into one book. Nice job! This is a must have book if you are a Security or Privacy Officer.
Format: Hardcover
I found the book to be straightforward and easy to follow. I have been in the security business for many years and I am now finding it necessary to work on projects revolving around HIPAA. This book navigates the jargon in clear and easy to understand text. The examples and plain discussion around each rule clarified many questions that I had problems answering from my other security associates. There is some bad information floating around the industry and this book was accurate and applicable to today's requirements. The time spent reading this book was an excellent use of my resources, not only the HIPAA aspects, but also for the security insight on issues around privacy and information protection. This was just what I needed to complete some of my pending projects and I would highly recommend it to any security manager or consultants who need a deeper understanding of the current HIPAA security rule.
Format: Hardcover
This is the best single reference that I've seen on the subject. Kevin and Rebecca have assembled a guide that is eminently practical, superbly organized, and tremendously helpful. I reach for it every time I have a question on HIPAA. In fact, it's the only HIPAA reference I've used since I got it.
Format: Hardcover Verified Purchase
A tough subject to unravel, this HIPAA law, but Herold did it, and with clarity. I've been in the medical field for over 30 years, and this book gave concise, direct insights I have not found in other manuals/training guides. Honestly, I don't know why anyone would drop $200-300 on books/manuals/guides that are cumbersome, wordy and unnecessarily bloated when they can have THIS guide. The most important thing I learned from this guide is: GONE are the days that a medical business can just use some type of pre-formed template to simply fill in blanks. HIPAA notices now have to be tailored-worded, exquisitely specific to each individual medical practice, and in regards to its business, its services, etc. With explicit examples and directions from which to model, I was able to draft one specific for our practice. It was a 2-day work in progress, but once it was finished, I felt proud we could show our own personalized HIPAA guide to our patients.
By Stefan on October 23, 2015
Format: Hardcover Verified Purchase
GREAT resource. Very detailed. I cannot recommend this book highly enough. It is useful as both reading cover to cover and as a reference. It also links you to external sources of information, such as NIST publications on risk assessment, privacy blogs, etc.

I think it is interesting how the two authors cowrote this book. Herold handles the privacy half and Beaver handles the security. They have very distinct writing styles. The privacy section is more perspective (compliance based -- do this, do that, have a business associate agreement, have a notice of privacy practices with this and that in it, document PHI disclosures, etc.) whereas the security section is vaguer (reflecting HIPAA's risk based approach).

It is worth noting that just because you read this book doesn't mean that you are qualified to do this in the real world -- this book won't make you an information security expert, capable of doing detailed risk analyses. Rather think of this book as one that will take an Infosec/Lawyer/provider/etc. and make them competent with HIPAA.

My only qualm is that the binding seems to be coming loose. That might be in part due to the fact that I open it so much, however most books don't physically deteriorate that rapidly. Not the fault of the authors, rather the publisher.
Format: Hardcover
'The Practical Guide to HIPAA Privacy and Security Compliance' is an excellent reference for anyone needing to come up to speed with HIPAA, or wanting a single-source HIPAA handbook. It is written in a clear, easy to understand style.
In six sections (comprising 25 chapters), the book provides you with just about everything you need to know about HIPAA from a security and privacy perspective. It is focused on a real-world approach to HIPAA compliance, and each chapter ends with a practical checklist.
HIPAA can be so overwhelming with its requirements that many people do not know where to start on their road to HIPAA compliance. The book shows what one can do, what the requirements are, and how they can be achieved and maintained in a step-by-step manner.
Appendix A contains 4 different case studies that give the reader different approaches to HIPAA, from the perspective of different HIPAA covered entities.
Appendix B contains nearly 20 pages of Sample Documents. It is hoped that the authors will place these documents on the book's web site.
Appendix C is a good list of various HIPAA resources (software, consulting firms, etc).
Appendix D is a quiz about various HIPAA concepts.
Overall, 'The Practical Guide to HIPAA Privacy and Security Compliance' is a very readable, practical and user-friendly guide for getting a handle on the abstract HIPAA requirements.
