Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Federal Government Finally Issues HIPPA Compliance Rules

Read On

The document does provide some excellent guidance. It includes, for instance, tables showing activity categories, their descriptions and a series of "getting started" questions. And listings that differentiate mandatory provisions from recommended activities will help enterprises prioritize the process. The publication also offers examples of acceptable ways to meet HIPAA requirements--the kind of information for which consultants charge big bucks.

But the document has some limitations. It's specifically aimed at organizations that must comply with both HIPAA and Federal Information Processing Standards (FIPS). And it's designed mainly as an introduction to HIPAA compliance, not a complete treatment of the subject. With these two caveats, however, the guidelines could still be a major help to any organization working on HIPAA compliance. For example, the document includes table entries to help enterprises judge whether they have met specific parameters of compliance. These may be useful benchmarks, if only to reassure companies they've spent their resources wisely.

And because it spells out links between physical security, information security and data assurance, the report goes beyond HIPAA to provide solid security guidelines.

The publication would have been worth its weight in gold nine years ago. But if your organization could use some guidance today on HIPAA compliance--and whose couldn't?--you've got some new required reading.