 U.S. Department of Health & Human Services |
| |
 Improving the health, safety, and well-being of America |
Font Size 
Print 
Download Reader 
HHS Home|HHS News|About HHS
Health Information Privacy
HIPAA
PSQIA
Security Rule Guidance MaterialIn this section, you will find educational materials to help you learn more about the HIPAA Security Rule and other sources of standards for safeguarding electronic protected health information (e-PHI). Security Rule Educational Paper SeriesThe HIPAA Security Information Series is a group of educational papers which are designed to give HIPAA covered entities insight into the Security Rule and assistance with implementation of the security standards. Security 101 for Covered Entities Organizational, Policies and Procedures and Documentation Requirements Basics of Risk Analysis and Risk Management Security Standards: Implementation for the Small Provider HIPAA Security GuidanceHHS has developed guidance to assist HIPAA covered entities in complying with the risk analysis requirements of the Security Rule. HHS has also developed guidance to provide HIPAA covered entities with general information on the risks and possible mitigation strategies for remote use of and access to e-PHI. National Institute of Standards and Technology (NIST) Special PublicationsNIST is a federal agency that sets computer security standards for the federal government and publishes reports on topics related to IT security. The following special publications are provided as an informational resource and are not legally binding guidance for covered entities. NIST Special Publication 800-30: Risk Management Guide for Information Technology Systems NIST Special Publication 800-77: Guide to IPsec VPNs NIST Special Publication 800-88: Computer Security NIST Special Publication 800-111: Guide to Storage Encryption Technologies for End User Devices NIST Special Publication 800-113: Guide to SSL VPNs Federal Information Processing Standards Publication 140-2 |
