Hi All,
NIST just published for comment NIST SP 800-66r2 ipd Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide Draft
The HIPAA Security Rule specifically focuses on protecting the confidentiality, integrity, and availability of electronically protected health information (ePHI), as defined by the Security Rule. All HIPAA-regulated entities must comply with the requirements of the Security Rule.
This draft update:
• Includes a brief overview of the HIPAA Security Rule
• Provides guidance for regulated entities on assessing and managing risks to ePHI
• Identifies typical activities that a regulated entity might consider implementing as part of an information security program
• Lists additional resources that regulated entities may find useful in implementing the Security Rule
A public comment period is open through September 21, 2022. See the publication details for a copy of the draft and instructions for submitting comments.
@James Angle
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------