Security Basics mailing list archives

RE: hipaa guidance

From: "Cronican, John" <JCronican () sempra com>
Date: Wed, 12 Oct 2005 16:58:36 -0700

The National Institute of Science and Technology (NIST) has documented
an excellent guide for HIPAA.

http://csrc.nist.gov/publications/nistpubs/800-66/SP800-66.pdf

John

John G. Cronican, Jr. (BEE, MSSM, CISSP, IAM)
Sr. Infrastructure Technologist
iProtect Sempra Energy
Sempra Energy Corporate Center & Sempra Energy Utilities
10949 Technology Place
San Diego, CA  92127
(858) 613-5738 (Desk)
(619) 787-1906 (Cell)
(619) 978-2493 (Pager)
 
JCronican () sempra com


-----Original Message-----
From: jblackley () sysmatrix net [mailto:jblackley () sysmatrix net] 
Sent: Wednesday, October 12, 2005 9:26 AM
To: security-basics () securityfocus com
Subject: Re: hipaa guidance


Dana,

first of all, I recommend that you spend a few more minutes googling
'HIPAA security' - securityfocus itself has an excellent piece on the
subject.

There are, to my knowledge, no free "check all these boxes and you'll be
compliant" HIPAA guides although using existing security standards will
get you close enough.

If you're still in doubt as to how to proceed I would, indeed, recommend
that your client engage someone experienced in HIPAA assessments.

John

Current thread:

hipaa guidance absolutezero273c (Oct 11)
- Re: hipaa guidance Josh Tolley (Oct 12)
- Re: hipaa guidance Josh Tolley (Oct 13)
- <Possible follow-ups>
- Re: hipaa guidance jblackley (Oct 12)
- RE: hipaa guidance Cronican, John (Oct 13)
- Re: hipaa guidance Dana (Oct 13)
  - Re: hipaa guidance Impulse (Oct 14)
- RE: hipaa guidance Chinnery, Paul (Oct 14)