Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Risk Ranking...

From: "Brian Loe" <knobdy () gmail com>
Date: Tue, 29 Aug 2006 15:35:30 -0500
What kind of incidents are you talking about? HIPAA requirements
should help, since you're in healthcare. You might look up DITSCAP for
a guideline as well (military, DoD security requirements).

Usually with HIPAA you'll have levels of disclosure for PHI incidents
- but I'm not sure that they bother ranking them.

Since "google" is now a verb, how do you spell googleing/googling? :)

On 8/28/06, Barrick, Chanda B <cbbarric () iupui edu> wrote:

I am trying to figure out how to develop a risk ranking methodology for incident reporting in a healthcare environment.  I don't 
even really know where to begin.  I've been googleing, but I'm not finding much that is helpful.  Anyone have any 
suggestions?

Thanks
Chanda


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: