part I PROGRAMS AND PROCESSES -- chapter 1 THE ROLES AND RESPONSIBILITIES -- chapter 2 THE FINAL HIPAA SECURITY RULE IS HERE! NOW WHAT? / chapter 3 INCORPORATING HIPAA SECURITY REQUIREMENTS INTO AN ENTERPRISE SECURITY PROGRAM -- chapter 4 STEPS TO AN EFFECTIVE DATA CLASSIFICATION PROGRAM -- part II STANDARDS AND COMPLIANCE -- chapter 5 HIPAA SECURITY AND THE ISO/IEC 17799 -- chapter 6 EXECUTION OF A SELF-DIRECTED RISK ASSESSMENT METHODOLOGY TO ADDRESS HIPAA DATA SECURITY REQUIREMENTS / chapter 7 TEN STEPS TO EFFECTIVE WEB-BASED SECURITY POLICY DEVELOPMENT AND DISTRIBUTION / part III ECONOMICS, LEGALITY, AND LIABILITY -- chapter 8 HIPAA PRIVACY RULES REQUIRE SECURITY COMPLIANCE / chapter 9 LEGALITIES AND PLANNING: THE STAKE IS IN THE GROUND -- part IV TRANSACTION AND INTERACTIONS -- chapter 10 HIPAA FROM THE PATIENT'S POINT OF VIEW / chapter 11 INTEROPERABILITY AND BUSINESS CONTINUITY INVOLVING HIPAA EDI TRANSACTIONS / chapter 12 THE ROLE OF DHHS, CMS, OCR, AND OHS / part V SECURITY, PRIVACY, AND CONTINUITY -- chapter 13 THE HIPAA SECURITY RISK ANALYSIS / chapter 14 HIPAA SECURITY COMPLIANCE: WHAT IT MEANS FOR DEVELOPERS, VENDORS, AND PURCHASERS / chapter 15 ISSUES AND CONSIDERATIONS FOR BUSINESS CONTINUITY PLANNING UNDER HIPAA / chapter VI APPENDICES.