Negotiamini Media
Truth is Powerful

NIST revises healthcare guidance to improve HIPAA Security Rule compliance


The National Institute of Standards and Technology announced an update to its healthcare cybersecurity guidance, placing a greater emphasis on the guidance’s risk management component, including integrating enterprise risk management concepts.

The draft publication, 800-66, focuses on informing the industry about security issues around electronic protected health information, or ePHI, which runs the gamut of patient data from lab results to hospital visits, within the context of the HIPAA Security Rule.

The HIPAA Security Rule, which specifically focuses on protecting the confidentiality, integrity, and availability of ePHI, is separated into six main sections, ranging from general rules and administrative safeguards to technical and physical safeguards.

The guidance also draws attention to the new challenges posed by telehealth and telemedicine technologies, as well as cloud services and mobile device technology.

Also included are resources made available to help healthcare organizations protect ePHI from ransomware and phishing, two common threats that are rapidly evolving.

The draft document includes advisories for education, training, and awareness of personnel at healthcare organizations, as well as methods to help protect organizational data and the resources that store and access ePHI, including zero-trust architecture and digital identity guidelines.

THE LARGER TREND

The U.S. […]
