Educause Security Discussion mailing list archives
Implementing risk analysis process to meet HIPAA security requirements
From: David Grisham <DGrisham () SALUD UNM EDU>
Date: Mon, 12 Jan 2004 15:23:06 -0700
I would appreciate anyone who has already implemented a university wide or health science center level risk analysis process at their institution to send any observations about implementing the process. A fairly straightforward web form can be put into place. Where I anticipate the problems are in the education of the owners of Electronic Protected Health Information (EPHI) and the integration of the process throughout the IT enterprise. I will summarize all replies. Cheers. --grish David D. Grisham, Ph.D., CISM Adjunct Faculty, Computer Science Department, UNM Information Security Manager, UNM Hospitals, Ph: (505) 272-5657 FAX 272-3305 1650 University Blvd, suite 500 Albuquerque, NM 87102 e-mail business: dgrisham () salud unm edu other personal or academic: dave () unm edu ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Implementing risk analysis process to meet HIPAA security requirements David Grisham (Jan 12)
- <Possible follow-ups>
- Re: Implementing risk analysis process to meet HIPAA security requirements Craig Blaha (Jan 13)
- Re: Implementing risk analysis process to meet HIPAA security requirements Gordon D. Wishon (Jan 13)