Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules

Posted by Ben Rothke

I was flattered when John Trinckes asked me to write the foreword to Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules, given the importance of the topic.

There are plenty of books on HIPAA going back a number of years. But there is a dearth of books on HITECH.

For the uninitiated, HITECH is the Health Information Technology for Economic and Clinical Health Act, which was part of the American Recovery and Reinvestment Act, the stimulus program that President Obama pushed in early 2009.

In a nutshell, HITECH takes HIPAA and adds a lot of details, particulars, and perhaps more importantly, enforcement aspects.

HIPAA covers the principal areas of administrative, physical and technical controls. The book details the requirements around these areas and shows how covered entities can ensure they are compliant.

The book is 400 densely packed pages that provide the reader with a thorough overview of the core elements they need to know about HIPAA and HITECH.

While a completely comprehensive treatment of the subject would likely be close to 1,000 pages in length, the book covers all of the core areas around HIPAA and HITECH.

Areas covered in the book include an overview of what meaningful use means, details of the impediments to HIPAA/HITECH compliance, an overview of a HIPAA/HITECH privacy and security audit program, details on breach notification guidelines, and much more.

For those looking for a thorough and comprehensive reference guide on the topic, the Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules will be a tremendous asset.



Ben Rothke

Senior Information Security Manager, Tapad



Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.
