I reviewed NIST SP 800-66(R1) An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. I've posted the enhanced version of that effort which includes additional links to VMware, Cisco, EMC, and RSA healthcare portals.
Download the spreadsheet under the Documents tab.
I reverse mapped HIPAA to SP800-53A(3) controls based on SP800-66 guidance. 800-53A withdrawn controls were remapped to the specified replacement controls. Ping me if you have any questions. You need additional guidance in order to appropriately implement the HIPAA security rule. This is not enough to stand on its own - BUT it is an interesting look at the similarities in controls across authorities.
Links to Additional Resources:
- Health Information Technology
- Privacy and Security Framework
- HIPAA Security Information Series
- Security Standards: Technical Safeguards
| What | Where |
|---|---|
| U.S. Department HHS | |
| 45 C.F.R. Part 160 | |
| 45 C.F.R. Part 162 | |
| 45 C.F.R. Part 164 | |
| NIST Special Pubs | |
| Cisco | |
| VMware | |
| EMC | |
| VCE | http://www.vce.com/solutions/healthcare.htm |