Educause Security Discussion mailing list archives

Re: HIPAA and NIST 171 Crosswalk Mapping

From: "Penn, Blake C" <blake.penn () SECURITY GATECH EDU>
Date: Wed, 16 Oct 2019 20:21:16 +0000

Dewight,

You can create instant mappings like this using the Unified Compliance Framework. We have 800-171, 800-66, and PCI DSS 
among others in ours.<https://www.unifiedcompliance.com/>
 <https://www.unifiedcompliance.com/>
Best regards,<https://www.unifiedcompliance.com/>
 <https://www.unifiedcompliance.com/>
Blake Penn <https://www.unifiedcompliance.com/>
Information Security Policy and Compliance Manager <https://www.unifiedcompliance.com/>
Cyber Security <https://www.unifiedcompliance.com/>
Georgia Institute of Technology <https://www.unifiedcompliance.com/>
(404) 385-5480 <https://www.unifiedcompliance.com/>

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Dewight Fredrick 
Kramer
Sent: Wednesday, 16 October, 2019 16:01
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] HIPAA and NIST 171 Crosswalk Mapping

Hello,

I have been asked to developed a HIPAA – NISTSP 800-171 crosswalk for the controls that are required.  I did a quick 
google search and did not find any direct mapping but I did see a possible path forward with using the NISTSP 800-66  
and NIST SP800-171 and how they both map to NIST SP 800-53.  Before I endeavor on this task, I am reaching out to this 
group to see if anyone has already created such a mapping or knows of one.  This would save many hours!

Thank you,


Dewight F. Kramer
Assistant CISO
University of California, Davis
One Shields Avenue
Davis, CA 95616
(530)752-1700
dfkramer () ucdavis edu<mailto:dfkramer () ucdavis edu>
http://security.ucdavis.edu<http://security.ucdavis.edu/>


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

HIPAA and NIST 171 Crosswalk Mapping Dewight Fredrick Kramer (Oct 16)
- Re: HIPAA and NIST 171 Crosswalk Mapping Penn, Blake C (Oct 16)
- Re: HIPAA and NIST 171 Crosswalk Mapping Rob Milman (Oct 16)
- <Possible follow-ups>
- Re: HIPAA and NIST 171 Crosswalk Mapping George J. Silowash (Oct 17)