National Institute of Standards and Technology

News & Analysis as of

Health Update - April 2016 #2

How to Prepare for "Phase Two" HIPAA Compliance Audits: Tips on Getting Ready for Scrutiny - Editor's Note: Now that the Department of Health and Human Services (HHS) has announced that it is beginning the next round of...more

FTC Releases "Cheat Sheet" for Developing a Secure Mobile Health Application

The Federal Trade Commission (FTC), in partnership with other federal agencies, has released an online tool that provides developers legal guidance for the creation of mobile health applications (apps). Companies that are...more

Stakeholders Weigh-in on the NIST Cybersecurity Framework

In February 2014, the National Institute of Standards and Technology (NIST) published the Cybersecurity Framework, a voluntary framework designed to provide a “cost-effective means for critical infrastructure to identify,...more

Preparing Your Organization Today to Win Its Future (Possibly Inevitable) Cyber Lawsuit: Making Crown Jewels Out of Paper

One day in the not too distant future, your organization may be fighting to protect its balance sheet against high-stakes claims in a cyber tort trial. Arrayed against you will be the best of the class action plaintiff’s...more

Digital Health Care Alert: Is Your Health Care App subject to HIPAA? The U.S. Department of Health & Human Services’ Office for...

OCR’s Compliance Guidance for Health Care App Developers - The U.S. Department of Health & Human Services’ Office for Civil Rights (OCR) recently provided guidance (in the form of six “real-life” scenarios) to help...more

How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit Initiative

Cybersecurity Impacts on HIPAA Security Compliance and the New Audit Initiative - New Audit Initiative Items to Watch - While The HHS Office for Civil Rights recently announced its intent to perform a second...more

NIST Framework Adoption Linked To Higher Security Confidence

A recent market survey of 338 IT and security professionals has revealed that adoption of the U.S. National Institute of Standard and Technology (“NIST”) Framework for Improving Critical Infrastructure Cybersecurity has led...more

Cyber Security IMPOSSIBLE: California AG Decides a Ceiling is a Floor

We all know why selecting appropriate data security standards is difficult. No two business are the same. Different businesses have different assets to protect and different bank accounts to tap. Different sized businesses...more

Fiduciary Regulation and How Recent Cybersecurity Government Publications Impact HIPAA Security Compliance and the New Audit...

Fiduciary Regulation - The Office of Management and Budget released the final Fiduciary or Conflict of Interest regulation and related prohibited transaction exemption modifications from its review today. The next...more

New Guidance Maps HIPAA Security Rule to NIST Cybersecurity Framework to Help Providers Manage Cybersecurity Risk

In a world of looming data breaches and significant penalties for the release of protected health information, the complexities of cybersecurity and compliance with the HIPAA Security Rule can be incredibly daunting. In 2014,...more

Phase 2 of HIPAA Compliance Audits Now Underway

The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services (DHHS) recently announced that it has initiated Phase 2 of its audit program to assess Covered Entities’ and Business Associate’s...more

Recent HIPAA Updates from OCR

The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services has been busy lately, issuing three news releases on the HIPAA Privacy and Security Rules....more

Blog: HHS Releases Crosswalk Between HIPAA Security Rule and NIST Framework

The U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) recently released a “crosswalk” developed with the National Institute of Standards and Technology (NIST) mapping the Health Insurance...more

HHS Office For Civil Rights Releases A Crosswalk Between HIPAA Security Rule And NIST Cybersecurity Framework

At the end of February, the Department of Health and Human Services (“HHS”) released a table, called a “crosswalk,” that maps standards and implementation specifications of the Health Insurance Portability and Accountability...more

A Closer Look at Cybersecurity Legislation and Regulations in the US and Abroad - United States

Legal Framework - Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws? The United States generally addresses cybersecurity...more

Conducting Market Research? How to Take the "PII" out of Data to Avoid Privacy Concerns

Data can be valuable for a variety of reasons. Organizations often find that one of its greatest values is to research product or service markets, customer behaviors, or market trends. ...more

FDA Issues Guidance on Cybersecurity Issues for Postmarket Medical Devices

On January 22, 2016, the Food and Drug Administration (FDA) issued draft guidance on cybersecurity risks associated with medical devices, and addressed steps that device manufacturers should take to mitigate such risks. The...more

OCR Releases Tool to Help Organizations Safeguard Health Data

Health data is among the most attractive targets for cybersecurity attacks. To help ward off attacks, health care organizations and their subcontractors subject to the Health Insurance Portability and Accountability Act...more

Capitalizing on Collaboration – The President’s Precision Medicine Initiative

Last week President Obama marked the one year anniversary of his Precision Medicine Initiative (“PMI”) by holding a web-accessible panel discussion where he and interested stakeholders discussed his PMI initiative, its...more

FDA Embraces Internet of Things: New Draft Guidance on Postmarket Cybersecurity for Medical Devices

The FDA’s recently issued draft guidance on “Postmarket Management of Cybersecurity in Medical Devices” seeks to address some of the increasing concerns that medical device providers, regulators, and consumers have about...more

HHS Issues HIPAA Security Rule Crosswalk with NIST Cybersecurity Framework

Last week, the HHS Office for Civil Rights (OCR) released a crosswalk between the requirements of the HIPAA Security Rule and the NIST Cybersecurity Framework. ...more

At A Glance: De-Identification, Anonymization, and Pseudonymization

De-identification of data refers to the process used to prevent personal identifiers from being connected with information. The FTC indicated in its 2012 report Protecting Consumer Privacy in an Era of Rapid Change:...more

CFTC’s New Proposed Rules Mandate Extensive Cybersecurity Testing; Comments Due Feb. 22, 2016

On December 16, 2015, the Commodity Futures Trading Commission (“CFTC”) released two Notices of Proposed Rulemaking (“NPRMs” or “Proposed Rules”) that would, if finalized, supplement existing regulations covering the...more

New Cybersecurity and Privacy Initiatives Announced In President Obama’s Final Budget

On February 9, 2016, in connection with his annual budget request, President Obama announced a $19 billion Cybersecurity National Action Plan (CNAP) that the White House has described as a “capstone” to seven years of...more

Alert: The 'New' Cybersecurity National Action Plan

The Obama administration has introduced its Cybersecurity National Action Plan (the "CNAP") in connection with its 2017 budget proposal. The CNAP aims to protect Americans, government agencies, and companies against the...more

300 Results
|
View per page
Page: of 12
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×