The National Institute for Standards and Technology (“NIST”) has released the final version of its guidance on the HIPPA security rule. It had previously released a draft version of the guidance. Although the guidance is intended for use by federal agencies, it can also be used by private physician groups and hospitals on a voluntary basis.
The guidelines provide a comprehensive explanation of the security rule and give a structured, but flexible, framework for choosing, specifying, employing, and assessing the security controls in information systems of covered entities and their business associations.
The NIST guidelines are a helpful tool for both federal health care agencies and the private sector and can be accessed at:
© 2009 Parsonage Vandenack Williams LLC
For more information, contact firstname.lastname@example.org