[ISN] NIST offers HIPAA security guidance

From: InfoSec News (isn@private)
Date: Tue Mar 29 2005 - 04:54:15 PST


http://www.gcn.com/vol1_no1/daily-updates/35364-1.html

By Mary Mosquera 
GCN Staff
03/28/05

The National Institute of Standards and Technology has issued a new
guide on securing health information.

The guide, Special Publication 800-66 [1], recommends the type of
systems that are needed to meet the Health Insurance Portability and
Accountability Act security mandates that take effect April 20.

The publication, An Introductory Resource Guide for Implementing the
Health Insurance Portability and Accountability Act Security Rule,
details the minimum requirements to secure health information and
systems.

NIST identifies resources relevant to the specific security standards
included in the HIPAA security rule and provides implementation
examples for each.

Under the rule, doctors and hospitals must secure and protect patient
information from unauthorized use, such as hackers, while also keeping
it available for legitimate use. The rule also applies to agencies
that transmit health information in electronic form.

The guide also lays out similarities between the HIPAA security rule
and the Federal Information Security Management Act of 2002, which all
agencies must fulfill.

[1] http://csrc.nist.gov/publications/nistpubs/800-66/SP800-66.pdf



_________________________________________
Network Security - http://www.auditmypc.com
Free vulnerability test - How secure is your computer?



This archive was generated by hypermail 2.1.3 : Tue Mar 29 2005 - 06:49:23 PST