Go to the documents tab to find spreadsheet versions of the below.
By the way – yes, I downloaded and reviewed the current version of the HITRUST framework.
On another note, HITECH has nothing to do with technical controls and is an unfortunate name. It's confusing, but it's entire focus is enforcement – putting teeth into HIPAA using financial penalties as an incentive. Please do not use it out of context.
- NIST HIPAA Security Rule Toolkit
http://scap.nist.gov/hipaa/ - Security Risk Assessment Tool (SRA Tool)
https://www.healthit.gov/providers-professionals/security-risk-assessment-tool - Technical Safeguards [DOCX - 240 KB]
https://www.healthit.gov/sites/default/files/20140320_sratool_content_-_technical_volume_v1.docx - Top 10 Tips for Cybersecurity in Health Care
https://www.healthit.gov/providers-professionals-newsroom/top-10-tips-cybersecurity-health-care
By the way – yes, I downloaded and reviewed the current version of the HITRUST framework.
On another note, HITECH has nothing to do with technical controls and is an unfortunate name. It's confusing, but it's entire focus is enforcement – putting teeth into HIPAA using financial penalties as an incentive. Please do not use it out of context.