HHS

Using NIST Guidance for HIPAA Compliance

As healthcare organizations ramp up HIPAA compliance efforts, they should make far greater use of guidance from the National Institute of Standards and Technology, says security consultant Mac ...
Healthcare IT News

NIST 800-66r2 is evolving HIPAA incident response guidelines – here’s what you need to know

When the Biden administration released its National Cybersecurity Strategy, it was the latest signal that the federal government plans to increase its focus on data protection. NIST 800-66r2 is ...
Healthcare IT News

Healthcare organizations lagging behind NIST Cybersecurity Framework, HIPAA guidance

Despite some halting progress with cybersecurity readiness, healthcare is still lacking in many key areas, according to a new progress report from the consultancy CynergisTek. In particular, the study ...
JD Supra

NIST Publishes Final “Cybersecurity Resource Guide” on Implementing the HIPAA Security Rule

In an important development for HIPAA-regulated entities looking for practical assistance in understanding, implementing, and enhancing compliance with the HIPAA Security Rule, the National Institute ...
JD Supra

Because NIST Alignment Isn’t Enough: OCR’s Risk Management Message Under the HIPAA Security Rule

OCR is expanding its Risk Analysis Initiative to include demonstration of compliance with the HIPAA Security Rule’s risk management requirement. Framework assessments, maturity reviews, and ...
Fierce Healthcare

HHS OCR maps HIPAA Security Rule to NIST Cybersecurity Framework

The Department of Health and Human Services' Office for Civil Rights has released a "crosswalk" between the National Institute of Standards and Technology's cybersecurity framework and the HIPAA ...
Becker's Hospital Review

HIPAA & NIST Cybersecurity Framework crosswalk: 3 things to know

Healthcare providers are tasked with safeguarding patients’ information, and that responsibility is guided by requirements and suggestions from several sources. The Office of the National Coordinator ...