September 29, 2022

Volume XII, Number 272

Advertisement

September 28, 2022

Subscribe to Latest Legal News and Analysis

September 27, 2022

Subscribe to Latest Legal News and Analysis

September 26, 2022

Subscribe to Latest Legal News and Analysis

NIST Publishes New Draft Guidance on HIPAA Security Rule

On July 21, 2022, the National Institute of Standards and Technology (“NIST”) released an updated draft of its HIPAA Security Rule guidance. The draft guidance, titled “Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide” (NIST Special Publication 800-66, Revision 2), is designed to assist HIPAA regulated entities “maintain the confidentiality, integrity and availability of electronic protected health information (ePHI).” NIST issued the updated draft guidance to align it with other NIST cybersecurity guidance documents that have been published since the original HIPAA Security Rule guidance was issued in 2008.

The draft guidance does not provide a checklist for HIPAA regulated entities to follow, but rather aims to improve risk management surrounding ePHI. While the draft guidance does not completely overhaul the prior version, it does place more emphasis on risk assessment and management of ePHI than the prior version.

NIST is seeking comments on the draft updated guidance until September 21, 2022. Individuals can submit their comments via email to [email protected].

Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XII, Number 222
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement
Advertisement