ABSTRACT
The objectives of this chapter are as follows:
Understand how to conduct a policy and procedure gap analysis.
Understand the process to developing or modifying policies and procedures.
Determine what is required to approve policies and procedures.
Understand how to effectively implement policies and procedures.
Determine what planning is required to test the adequacy of policies and procedures.
Understand what is required to conduct an assessment.
Determine the differences between a nontechnical and a technical evaluation.
Understand the requirements for conducting a periodic technical and nontechnical evaluation contained in the HIPAA Security Rule.
Determine what is required to conduct a reassessment of policies and procedures.
