HHS Crosswalk for NIST and HIPAA

Posted by BAS - 07 April, 2016


The Department of Health and Human Services’ Office for Civil Rights issued a crosswalk between the HIPAA Security Rule and the NIST Cybersecurity Framework Guidance.

NIST- the National Institute of Standards and Technology- is a federal agency that provides guidance on technologic security.  NIST issued a framework in 2014 as voluntary guidance for critical infrastructure organizations to manage and reduce cybersecruity risk.  The new crosswalk compares the NIST Framework to the HIPAA Security Rule to help employers identify any gaps in their security compliance programs.

A copy of the guidance can be found here.  

Recent Posts

FSA Claim Reimbursement Direct Deposit

read more

Department of Labor Required Reporting Guide

read more

Question of the Week

read more