[ISN] NIST offers HIPAA security guidance
InfoSec News
isn at c4i.org
Tue Mar 29 07:54:15 EST 2005
http://www.gcn.com/vol1_no1/daily-updates/35364-1.html
By Mary Mosquera
GCN Staff
03/28/05
The National Institute of Standards and Technology has issued a new
guide on securing health information.
The guide, Special Publication 800-66 [1], recommends the type of
systems that are needed to meet the Health Insurance Portability and
Accountability Act security mandates that take effect April 20.
The publication, An Introductory Resource Guide for Implementing the
Health Insurance Portability and Accountability Act Security Rule,
details the minimum requirements to secure health information and
systems.
NIST identifies resources relevant to the specific security standards
included in the HIPAA security rule and provides implementation
examples for each.
Under the rule, doctors and hospitals must secure and protect patient
information from unauthorized use, such as hackers, while also keeping
it available for legitimate use. The rule also applies to agencies
that transmit health information in electronic form.
The guide also lays out similarities between the HIPAA security rule
and the Federal Information Security Management Act of 2002, which all
agencies must fulfill.
[1] http://csrc.nist.gov/publications/nistpubs/800-66/SP800-66.pdf
More information about the ISN
mailing list