PaulDotCom mailing list archives
HIPAA Remote Site Connection Question
From: j2mccluggage at adelphia.net (Jody & Jennifer McCluggage)
Date: Fri, 14 Aug 2009 23:28:54 -0400
I second that. That is the best guide to HIPAA I have come across. Also to second what was said earlier, HIPAA is not overly prescriptive (i.e. it does not dictate what actual steps to take to be compliant). That being said, recent updates and additions to HIPAA under the American Reinvestment and Recovery Act (ARRA), did direct Health and Human Services (HHS) to be a bit more prescriptive (through issued Guidance's). They did recently issue their first guidance around securing data at rest, in motion, in use, and at disposal. You may want to also take a look at it since it does address acceptable encryption (it basically points you to NIST 800-111 for data at rest and FIPS 140-2 for data in motion). The guidance can be found here: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/hitechrfi .pdf. You may also want to take a look at the section of ARRA that relates to HIPAA (Title XIII, subtitle D - http://en.wikisource.org/wiki/American_Recovery_and_Reinvestment_Act_of_2009 /Division_A/Title_XIII/Subtitle_D) since it was released subsequent to the NIST guidance. Jody _____ From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Jeremiah Wilson Sent: Friday, August 14, 2009 5:13 PM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] HIPAA Remote Site Connection Question Here's a link to the NIST's guidelines for hipaa compliance. - http://csrc.nist.gov/publications/nistpubs/800-66-Rev1/SP-800-66-Revision1.p df - jeremy No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.5.392 / Virus Database: 270.13.56/2302 - Release Date: 08/14/09 06:10:00 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090814/567e637e/attachment.htm
Current thread:
- HIPAA Remote Site Connection Question Robert Miller (Aug 13)
- HIPAA Remote Site Connection Question Howard Siegel (Aug 13)
- HIPAA Remote Site Connection Question Michael Miller (Aug 13)
- HIPAA Remote Site Connection Question Jeremiah Wilson (Aug 14)
- HIPAA Remote Site Connection Question Jody & Jennifer McCluggage (Aug 14)
- HIPAA Remote Site Connection Question Jeremiah Wilson (Aug 14)
- HIPAA Remote Site Connection Question brad (Aug 14)
- HIPAA Remote Site Connection Question Gregory Baker (Aug 15)