The Department of Health and Human Services’ Office for Civil Rights issued a crosswalk between the HIPAA Security Rule and the NIST Cybersecurity Framework Guidance.
NIST- the National Institute of Standards and Technology- is a federal agency that provides guidance on technologic security. NIST issued a framework in 2014 as voluntary guidance for critical infrastructure organizations to manage and reduce cybersecruity risk. The new crosswalk compares the NIST Framework to the HIPAA Security Rule to help employers identify any gaps in their security compliance programs.
A copy of the guidance can be found here.
