HIPAA Security Standards for the Protection of Electronic Protected Health Information
The Final Rule adopting HIPAA standards for the security of electronic protected health information was published in the Federal Register on February 20, 2003. Most covered entities had to comply with the Security Rule by April 20, 2005. The Security Rule specifies a series of administrative, technical, and physical security procedures for covered entities to use to assure the confidentiality of electronic protected health information. The standards are delineated into either required or addressable implementation specifications.
Additional Security Resources
The Computer Security Division (CSD) is one of eight divisions within the National Institute of Standards and Technology's (NIST) Information Technology Laboratory. NIST's CSD supports the intelligent management of IT risks, vulnerabilities and protection needs.
NIST's CSD develops computer security prototypes, tests, standards, and procedures to protect sensitive information from unauthorized access or modification. These publications present the results of NIST studies, investigations, and research on information technology security issues.
NIST's CSD has developed a DRAFT Introductory Resource Guide for Implementing the HIPAA Security Rule (NIST SP 800-66) , which is an excellent resource for covered entities implementing the NIST HIPAA Security Rule document.
For the full list of NIST Security publications, visit NIST's CSD publications library at: http://csrc.nist.gov/publications/index.html
Adobe Acrobat Reader is required to view the file(s) above. Download a free version.