HIPAA Plain and Simple: A Health Care Professionals Guide to Achieve HIPPA and HITECH Compliance / Edition 2

Paperback (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $69.14
Usually ships in 1-2 business days
(Save 13%)
Other sellers (Paperback)
  • All (3) from $69.14   
  • New (1) from $71.24   
  • Used (2) from $69.14   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
Seller since 2015

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

Brand new, never opened. Sells out fast! - 2nd Edition - Paperback - ISBN 9781603592055

Ships from: Lexington, KY

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Sort by


The initial HIPAA privacy, security, and e-transactions regulations have been expanded to more broadly impact virtually all health care providers, insurers, business associates, and consumers. These entities must now adopt stringent privacy, security, and breach notification processes to comply with these regulations and those of the new HITECH Act that aim to secure electronic exchange for patient protected health information (PHI).

HIPAA Plain & Simple: A Health Care Professionals Guide to Achieve HIPAA and HITECH Compliance provides the foundation and framework necessary to understand these complex rules and regulations and translate them into best practices for your workforce members and patients. With this invaluable resource, everyone who handles PHI, including physicians, nurses, billing clerks, and other health care professionals will fully understand how to be compliant with the new rules and regulations.

A follow-up from the bestselling authors who brought you the original HIPAA Plain & Simple, this timely publication once again presents complex information in a succinct, precise, and direct method that makes it a user-friendly resource for every medical office staff member.

Read More Show Less

Product Details

  • ISBN-13: 9781603592055
  • Publisher: American Medical Association
  • Publication date: 11/1/2010
  • Edition description: Older Edition
  • Edition number: 2
  • Pages: 319
  • Product dimensions: 6.00 (w) x 8.80 (h) x 0.80 (d)

Table of Contents

Forewords Louis W Sullivan, MD David J Brailer, MD, PhD xi

About the Authors xvii

Introduction xix

Chapter 1 HIPAA, HITECH, and Breach Notification Overview 1

Building the Infrastructure 4

Four Sets of Standards 8

Transactions and Code Sets 8

Privacy Standards 10

Security Standards 12

Identifiers 14

Change in Focus: Administrative to Clinical Processes 15

The HITECH Act 16

Security Rule and Business Associates 17

Costs Related to Breach 19

Breach Notification 20

Guidance on Securing Protected Health Information 23

Enforcement 26

Getting Started 27

Chapter 2 Transactions and Code Sets 31

Transaction Standards 32

Need for Transaction and Code Set Modifications 34

Health Care Claim Payment/Advice (835) 36

Health Care Claim Status Request and Response (276/277) 38

HIPAA Transaction Standards: Final Rule 40

Effective Dates of Final Rule 40

Compliance Dates for Final Rule 49

Testing Requirements and Dates in Final Rule 50

An Overview of Code Sets 51

Code Sets in the Physician's Office 52

Code Set Categories 53

Medical Data Code Sets 53

Nonmedical Data Code Sets 56

How to Read Code Sets 56

ICD-10: Code Set Standards Modification 61

What 5010 and ICD-10-CM Mean to Your Practice 69

Impact of Health Insurance Reform on Administrative Simplification Transactions 70

Chapter 3 The Privacy Team 75

Step 1 Build the Foundation for Privacy Management 77

Step 1A Identify a Privacy Official 77

Personnel Designations (Privacy Official) 78

Designate a Privacy Team 80

Develop a Budget and Time-and-Task Chart 80

Step 1B Revisit Your Notice of Privacy Practices 81

Step 1C Consistent with Other Documentation 82

Step 1D Develop Policies and Procedures 82

Step 1E Documentation 83

Step 1F Training 84

Step 1G Sanctions 86

Step 1H Mitigation 86

Step 1I Refraining from Intimidating or Retaliatory Acts 88

Step 1J Waiver of Rights 89

Step 1K Establish Minimum Necessary Limits for Use and Disclosures of PHI 89

Step 2 Identify Permissions for Use and Disclosure of Protected Health Information (PH1) 90

Step 2A Required Disclosures 92

Step 2B Permissible Disclosures: Treatment Payment and Health Care Operations 94

Step 2C Permissible Disclosures: Another Covered Entity's Treatment, Payment, and Health Care Operations 95

Step 2D Permitted Disclosures: Family, Friends, and Disaster Relief Agencies 96

Step 2E Incidental Uses or Disclosures 98

Step 2F Other Uses or Disclosures in Which Authorization is Not Required 99

Step 2G Uses and Disclosures of De-Identified Protected Health Information 100

Step 2H Limited Data Set for Purposes of Research, Public Health, or Health Care Operations 101

Step 3 Identify Uses and Disclosures that Require Authorizations 103

Step 3A Identify Uses and Disclosures that Require Authorizations 103

Step 3B Psychotherapy Notes 107

Step 4 Identify Protected Health Information (PHI) Special Permissions 108

Step 5 Update Your HIPAA Privacy Safeguards 110

Step 6 Update New Patient Rights, Including Rights Provided in the HITECH Act 112

Step 6A Right to Access Protected Health Information (PHI) 112

Step 6B Patient's Right to Request an Amendment to Content in Patient Record 115

Step 6C Accounting of Disclosures 117

Step 6D Confidential Communications Requirements 119

Step 6E Right of an Individual to Request Restriction of Uses and Disclosures 119

Step 6F Right to File a Complaint 121

Step 7 Disclosures to Business Associates 122

Step 8 Revise and Protect Marketing Activities 124

Step 9 Train Your Staff on New Issues and Provide Refreshers for Privacy Policies and Procedures 126

Step 10 Implement Your Plan and Evaluate Your Compliance Status 130

Chapter 4 HIPAA Security: Tougher, but with Safe Harbors 133

About HIPAA's Security Rule 134

General Rules 136

Security Standards and Implementation Specifications Overview 139

Administrative Safeguard Standards and Implementation Specifications 143

Security Management Process 143

Risk Analysis 144

Risk Management 144

Sanction Policy 145

Information System Activity Review 145

Assigned Security Responsibility 146

Workforce Security 147

Authorization and/or Supervision 148

Workforce Clearance Procedure 149

Termination Procedures 149

Information Access Management 150

Isolating Health Care Clearinghouse Functions 150

Access Authorization 151

Access Establishment and Modification 152

Security Awareness and Training 152

Security Reminders 155

Protection from Malicious Software 155

Log-in Monitoring 156

Password Management 156

Security Incident Procedures 157

Response and Reporting 157

Contingency Plan 158

Data Backup Plan 161

Disaster Recovery Plan 161

Emergency Mode Operation Plan 162

Testing and Revision Procedures 163

Applications and Data Criticality Analysis 163

Evaluation 164

Business Associate Contracts and Other Arrangements 166

Written Contract or Other Arrangement 167

Physical Safeguard Standards and Implementation Specifications 168

Facility Access Controls 168

Contingency Operations 168

Facility Security Plan 169

Access Control and Validation Procedures 170

Maintenance Records 171

Workstation Use 171

Workstation Security 172

Device and Media Controls 173

Disposal 174

Media Re-use 174

Accountability 175

Data Backup and Storage 176

Technical Safeguard Standards and Implementation Specifications 176

Access Control 177

Unique User Identification 177

Emergency Access Procedure 177

Automatic Log-off 178

Encryption and Decryption 179

Audit Controls 181

Integrity 182

Mechanism to Authenticate Electronic Protected Health Information 183

Person or Entity Authentication 183

Transmission Security 184

Integrity Controls 185

Encryption 185

Chapter 5 Communication, Training, and Social Networking Media 187

Why Talk About Communications in a HIPAA Book? 188

What HIPAA Says About Oral and Written Communication 188

Oral Communications in the Medical Office 188

Communication and Social Networking 190

Incidental Uses and Disclosures 191

How the Staff Can Confidently Deal With HIPAA 192

What Patients Want to Know About HIPAA 194

Customize Your Internal and External Communications Plan 196

Develop an External Communications Plan 198

HIPAA Crisis Communications Management 200

Appendix A HIPAA Forms 205

Privacy Official Job Responsibilities 206

Management Advisor 206

Human Resources and Training 207

Risk Management 207

Business Associates 207

Patient Rights 207

Complaint Management 207

Qualifications 207

Otherwise Permitted Uses and Disclosures (45 CFR 164.512) 235

Communicating with a Patient's Family, Friends, or Others Involved in the Patient's Care 239

Common Questions About HIPAA 240

Appendix B Sample 12-Month Privacy and Security Refresher Training Sessions 247

Appendix C Additional Resources 251

Glossary Definitions 291

Index 309

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)