Encyclopedia > Full Index

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

• abuse, neglect, domestic violence (HIPAA)
• access control
• access control (ISO)
• access control, facilities (HIPAA)
• access control, devices and systems (HIPAA)
• access to records, right of (HIPAA)
• accounting for disclosures of records, right to (HIPAA)
• additional protection, right to request (HIPAA)
• administrative safeguards, security (HIPAA)
• administrative simplification (HIPAA)
• agree or object, opportunity to (HIPAA) - see four information categories (HIPAA)
• amendment of records, right to (HIPAA)
• applied ethics
• asset management (ISO)
• assigned security responsibility (HIPAA)
• audit controls (HIPAA)
• audit trail
• autonomy, principle of
• authentication of identity
• authentication, person or entity (HIPAA)
• authorization (HIPAA)

• beneficence, principle of
• biometrics - see also authentication of identity
• Bluetooth
• business associate (HIPAA)
• business associate security contract or other arrangement (HIPAA)
• business continuity management (ISO)

• Cable Communications Policy Act of 1984 (CCPA)
• cadaveric organ and tissue donation (HIPAA) - see organ and tissue donation (HIPAA)
• checksum
• children, health privacy rights of - see minors, privacy rights of (HIPAA)
• claims attachments
• clearinghouse (HIPAA) - see covered entity (HIPAA)
• clients and servers
• Code on Dental Procedures and Nomenclature (CDT)
• code sets
• code sets (HIPAA) - see transaction and code set standards (HIPAA)
• cognitive level of training
• communications and operations management (ISO)
• complaints to privacy officer or DHHS (HIPAA)
• compliance (ISO)
• compliance dates, definition (HIPAA)
• compliance officer (HIPAA) - see privacy office/officer (HIPAA) and assigned security responsibility (HIPAA)
• compliance reviews by DHHS (HIPAA)
• compliance timetable (HIPAA) - go to HIPAA calendar
• computer memory
• computer security - see confidentiality, integrity, availability (CIA)
• computer storage - see flash drives, hard drives, optical media
• confidential communications, right to request (HIPAA)
• confidentiality, definition - see privacy and confidentiality, basic definitions
• confidentiality, integrity, availability (CIA)
• consent, principle of
• consent (HIPAA)
• consequentialist ethical theories
• contingency plan (HIPAA)
• cookies - see spyware and adware
• correctional institutions and other custodial facilities (HIPAA)
• covered entity (HIPAA)
• covered individual (HIPAA) - see covered entity (HIPAA)
• cryptography
• Current Procedural Terminology (CPT) codes

• data use agreement (HIPAA) - see limited data set (HIPAA)
• de-identified information (HIPAA)
• deontological (non-consequentialist) ethical theories
• designated records set (HIPAA)
• designated standards maintenance organization (HIPAA)
• device and media controls (HIPAA)
• direct vs. indirect treatment relationships (HIPAA)
• directory information (HIPAA)
• disclosure, disclosure exceptions (HIPAA) - see four information categories (HIPAA)
• disk drives - see hard drives
• disposal of records (HIPAA)
• Driver's Privacy Protection Act of 1994 (DPPA)
• documentation (HIPAA)

• education program (HIPAA) - see workforce privacy training (HIPAA) and security awareness and training (HIPAA)
• education records (FERPA/HIPAA)
• effective dates, definition (HIPAA)
• electronic data interchange (EDI)
• electronic mail (HIPAA)
• electronic protected health information (HIPAA) - see protected health information (HIPAA) and Security Rule applicability (HIPAA)
• employee disciplinary actions (HIPAA) - see workforce disciplinary actions (HIPAA)
• employment records (HIPAA)
• encryption - see cryptography
• equality, principle of

• facility access controls (HIPAA)
• fair information principles and practices
• fairness - see justice, principle of
• facsimile (fax) devices
• Family Education Rights and Privacy Act (FERPA) - see education records (FERPA/HIPAA)
• Financial Services Modernization Act (FSMA)
• flash drives
• Florida health privacy laws and regulations - see individual entries  
  • access to records, right to (Florida) 
  • accounting for disclosures (Florida) 
  • authorization of disclosures, and exceptions (Florida) 
  • child abuse, neglect, abandonment (Florida) 
  • employers (Florida) 
  • fundraising (Florida) 
  • genetic information (Florida) 
  • health system oversight (Florida) 
  • HIV/AIDS (Florida) 
  • insurance (Florida)  
  • marketing (Florida)  
  • medical record (Florida) 
  • mental health (Florida) 
  • minors, privacy rights of (Florida) 
  • preemption, overview (Florida)  
  • privacy and security policies (Florida) 
  • Patient's Bill of Rights and Responsibilities (Florida) 
  • public health (Florida) 
  • records owner (Florida) 
  • reportable diseases and conditions (Florida) 
  • research (Florida) 
  • sanctions (Florida) 
  • substance abuse (Florida) 
  • workforce training (Florida)
• Food and Drug Administration reporting (HIPAA) - see public health (HIPAA)
• four information categories (HIPAA)
• freedom - see liberty, principle of
• fundraising (HIPAA)

• genetic information (HIPAA)
• government benefit programs (HIPAA)
• government functions (HIPAA)
• Gramm-Leach-Bliley Act (GLBA) - see Financial Services Modernization Act (FSMA)

• hard drives
• health information (HIPAA) - see protected health information (HIPAA)
• health plan (HIPAA) - see covered entity (HIPAA)
• health care clearinghouse - see covered entity (HIPAA)
• health care component (HIPAA)
• health care operations (HIPAA)
• health care provider (HIPAA) - see covered entity (HIPAA)
• Healthcare Common Procedure Coding System (HCPCS)
• Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• health system oversight (HIPAA)
• HIPAA Code of Federal Regulations cross-reference
• HIPAA, compliance schedule - go to HIPAA regulatory calendar
• HIPAA, violation penalties
• hybrid entity (HIPAA)

• Identifier Standard/Rule (HIPAA)
• identity theft
• incidental uses and disclosures (HIPAA)
• information access management (HIPAA)
• information security incident management (ISO)
• information systems acquisition, development and maintenance (ISO)
• International Classification of Disease (ICD) codes
• international data protection conventions
• identified, identifiable information (HIPAA) - see de-identified health information (HIPAA)
• implementation feature, security (HIPAA) - see implementation specification, security (HIPAA)
• implementation specification, security (HIPAA)
• institutional cerfication organizations (JCAHO, NCQA)
• integrity, data (HIPAA)
• intimidating or retaliatory acts, refraining from (HIPAA)
• IRB (HIPAA) - see Privacy Board (HIPAA) and research (HIPAA)
• ISO Code of Practice for Information Security Management (ISO 17799, 27002)
  • access control (ISO)
  • asset management (ISO)
  • business continuity management (ISO)
  • communications and operations management (ISO)
  • compliance (ISO)
  • human resources security (ISO)
  • information security incident management (ISO)
  • information systems acquisition, development and maintenance (ISO)
  • organization of information security (ISO)
  • physical and environmental security (ISO)
  • risk assessment and treatment (ISO)
  • security policy (ISO)

• judicial and administrative proceedings (HIPAA)
• justice, principle of

• laptops - see portable computing devices
• law enforcement (HIPAA)
• liberty, principle of
• liberty-limiting principles - see paternalism
• limited data set (HIPAA)

• malware
• marketing (HIPAA)
• military and veterans activities (HIPAA)
• minimum necessary (HIPAA)
• minors, privacy rights of (HIPAA)
• mitigation (HIPAA)
• model documents and forms (HIPAA)

• National Drug Codes (NDC)
• National Council for Prescription Drug Programs (NCPDP) standards
• national security (HIPAA)
• non-consequentialist ethical theories - see deontological ethical theories
• Notice of Privacy Practices (HIPAA)

• opportunity to agree or object (HIPAA) - see four information categories (HIPAA)
• opt in vs. opt out
• optical media
• oral communication (HIPAA)
• organ and tissue donation (HIPAA)
• organization of information security (ISO)

• paper-based information (HIPAA)
• parents and minors - see minors, privacy rights of (HIPAA)
• passwords - see also authentication of identity
• paternalism
• patient rights (HIPAA)
• payment (HIPAA)
• Payment Card Industry (PCI) Data Security Standard
• personal digital assistant (PDA) - see portable computing devices
• pediatrics and privacy - see minors, privacy rights of (HIPAA)
• person or entity authentication (HIPAA)
• personal representative (HIPAA)
• phishing
• photocopiers and printers
• physical and environmental security (ISO)
• physical safeguards, security (HIPAA)
• pluralism and relativism
• portable computing devices
• preemption by/of state laws (HIPAA)
• privacy and confidentiality, basic definitions
• privacy board (HIPAA)
• privacy office/officer (HIPAA)
• privacy officer, designating and training (HIPAA)
• privacy policies and procedures (HIPAA) - see sample policies (HIPAA)
• Privacy Standard/Rule (HIPAA)
• professional codes, data protection obligations of
• protected health information (HIPAA)
• provider (HIPAA) - see covered entity (HIPAA) and direct vs. indirect treatment relationships (HIPAA)
• psychotherapy notes (HIPAA)
• public health (HIPAA)
• purpose-based protections (HIPAA et al)

• radio frequency identification (RFID)
• reasonable safeguards (HIPAA)
• receipt of Notice of Privacy Practices (HIPAA)
• reciprocity and generalizability, norms of
• regulatory compliance deadlines (HIPAA) - go to HIPAA calendar
• reporting violations (HIPAA) - see complaints to privacy officer or DHHS (HIPAA)
• research (HIPAA)
• restriction request (HIPAA) - see additional protection, right to request (HIPAA)
• retention of records (HIPAA) - see documentation (HIPAA)
• risk assessment and treatment (ISO)
• role-based limitations (HIPAA) - see minimum necessary (HIPAA) and purpose-based protections (HIPAA et al)

• sanctions (HIPAA) - see HIPAA, violation penalties
• sample policies (HIPAA)
• scenarios for training - see education section
• secure disposal
• secure disposal methods by media type
• security and data protection, basic definitions
• security awareness and training (HIPAA)
• security evaluation (HIPAA)
• security incident procedures (HIPAA)
• security management process (HIPAA)
• security office/officer (HIPAA) - see assigned security responsibility (HIPAA)
• security policies and procedures (HIPAA) - see sample policies (HIPAA)
• security policy (ISO)
• Security Standard/Rule (HIPAA)
• Security Standard/Rule "electronic" applicability (HIPAA)
• Security Standard/Rule documentation (HIPAA)
• Security Standard/Rule enforcement (HIPAA)
• Security Standard/Rule standards and implementation specifications (HIPAA)
• Security Standard/Rule policies and procedures (HIPAA)
• server computer - see clients and servers
• spam
• spyware and adware
• standard identifier (HIPAA) - see Identifier Standard (HIPAA)
• standard transaction (HIPAA) - see Transaction and Code Set Standard (HIPAA)
• standards maintenance organization (HIPAA)
• state data protection laws - go to laws & regulations index
• student records - see education records (FERPA/HIPAA)
• state preemption (HIPAA) - see preemption by/of state laws (HIPAA)
• students (HIPAA)

• technical safeguards, security (HIPAA)
• telephone use
• tokens - see also authentication of identity
• trainees (HIPAA) - see students (HIPAA)
• Transaction and Code Sets Standard/Rule (HIPAA)
• transmission security (HIPAA)
• treatment (HIPAA)
• treatment, payment or health care operations (HIPAA) - see direct vs. indirect treatment relationships (HIPAA), health care operations (HIPAA), and payment (HIPAA)
• trojans - malware

• US federal privacy laws
• USA Patriot Act of 2001 (USAPA)
• uses and disclosures, general rules (HIPAA) - see four information categories (HIPAA)
• utilitarianism - see consequentialist ethical theories

• Video Privacy Protection Act of 1988 (VPPA)
• violations, sanctions for (HIPAA) - see HIPAA, violation penalties
• viruses - see malware

• whistleblowers (HIPAA)
• wireless area network (WAN) - see wireless network devices
• wireless network devices
• Wi-Fi (802.11)
• Wireless Equivalent Privacy (WEP) - see Wi-Fi (802.11)
• workforce, definition (HIPAA)
• workforce crime victims, disclosures by (HIPAA)
• workforce disciplinary actions (HIPAA)
• workforce security (HIPAA)
• workforce privacy training (HIPAA)
• workforce security training (HIPAA) - see security awareness and training (HIPAA)
• workstation security (HIPAA)
• workstation use (HIPAA)
• worms - see malware

• X12N transaction standard

Last modified: 24-Jul-2006