E Point Perfect
Law \ Legal

NIST Publishes New Draft Guidance on HIPAA Security Rule


On July 21, 2022, the National Institute of Standards and Technology (“NIST”) released an updated draft of its HIPAA Security Rule guidance. The draft guidance, titled “Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide” (NIST Special Publication 800-66, Revision 2), is designed to assist HIPAA regulated entities “maintain the confidentiality, integrity and availability of electronic protected health information (ePHI).” NIST issued the updated draft guidance to align it with other NIST cybersecurity guidance documents that have been published since the original HIPAA Security Rule guidance was issued in 2008.

The draft guidance does not provide a checklist for HIPAA regulated entities to follow, but rather aims to improve risk management surrounding ePHI. While the draft guidance does not completely overhaul the prior version, it does place more emphasis on risk assessment and management of ePHI than the prior version.

NIST is seeking comments on the draft updated guidance until September 21, 2022. Individuals can submit their comments via email to sp800-66-comments@nist.gov.



Source link

Related posts

CFPB looks at connection between financial assistance for medical care and medical collections

FSB publishes 2022 annual report on promoting global financial stability

Applicant Advice to Prevent NYPD Disqualification

EU Adopts Digital Services Act

The Conseil d’Etat finds that decisions of the French Competition Authority to reject commitments cannot be appealed

Conference on Future-Proof Approaches for Risk Governance Will Be Held in January 2023