Privacy and Security

All healthcare entities that collect, store, use, or exchange protected health information have an obligation to their patients, by law and regulation, to protect that information. Multiple legislative and regulatory requirements exist to codify a healthcare entity's obligations and to provide the patient with recourse in the event that the protected health information is mishandled. To help organizations reach these goals, this section of the HIMSS Health IT Body of Knowledge contains information and resources on HIPAA, security risk analysis, disaster preparedness and business recovery and other relevant topics.

Legal and Regulatory Requirements (including HIPAA)

Identity Management

Risk Management

Disaster Preparedness and Business Recovery