HIPAA and the Stimulus Bill

Posted: March 4, 2009 in Security Governance
Tags:

Is HIPAA Really changing?

Here is a good summary link of the changes.

I think John did a good job outlining the key changes.  There is no point in regurgitating the information he has already covered in detail.  Overall there are changes to penalties, new breach rules, business associate responsibilities, and more.

What I find interesting is that according to his article HHS is now responsible for issuing guidance specifying technologies and methodologies.  To date I haven’t seen anything yet posted on their site, but they have until February 17, 2010 before the Act is in effect.

I believe many government based organizations currently fail these controls miserably.  It will be good to start seeing some accountability.  I just hope they lay out the expectations clearly unlike when PCI was first issued.  I also hope there is some visibility into the ratings of each entity moving forward.

In the meantime here are a few good older links to help entities make sure they are at least in tune with current expectations.

Advertisements
Comments
  1. Cayle says:

    You’re the one with the bnrias here. I’m watching for your posts.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s