NIST updates health care community on IT security work.
NIST provided presentations on draft NIST Special Publication (SP) 800-37, Guidelines for the Security Certification and Accreditation of Federal Information Technology Systems; draft Federal Information Processing Standard 199, Standards for Categorization of Federal Information and Information Systems; the status and overview of forthcoming draft NIST SP 800-53, Guidelines for Selection and Specification of Security Controls for Information Systems; and draft SP 800-50, Building an Information Technology Security Awareness and Training Program. (For copies of the draft documents, see http://csrc.nist.gov/publications/drafts.html.) NIST personnel also briefed the group on a joint NIST and Center for Medicare and Medicaid Services/HHS project to produce a resource guide of NIST information for supporting implementation of the HIPAA Security Rule.
URAC (also known as the American Accreditation HealthCare Commission), a 501(c)(3) non-profit charitable organization founded in 1990 to establish standards for the health care industry, is helping to coordinate the health care community in assessing security standards and best practices for health care information systems through the Security Health Care Certification and Accreditation Work Group. Ultimately, the workgroup hopes to develop a common set of health care security standards that will cover security policies, procedures, controls, and auditing practices for IT security in health care information technology systems.
CONTACT: L. Arnold Johnson, (301) 975-3247; email@example.com.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||News Briefs|
|Publication:||Journal of Research of the National Institute of Standards and Technology|
|Date:||Sep 1, 2003|
|Previous Article:||NIST participates in demonstration of first responder technologies to firefighters.|
|Next Article:||NIST issues reference material 8457 to aid orthopedic implant manufactures and researchers.|