Q

Are there guidelines to create a HIPAA-compliant data center?

Are there specific guidelines for creating a HIPAA compliant data center? In this expert response, security management expert David Mortman suggests resources to boost compliance.

Is there a HIPAA compliance guideline for data centers? What is that minimum standard?

While there aren't official HIPAA compliance guidelines for data centers, there are several resources you can look

to. Most notably, the Office of the Inspector General of the Department of Health and Human Services published a series of pointers toward security specifications for Medicaid. These specifications are what auditors use to validate covered entities for HIPAA.

Similarly, The Centers for Medicare and Medicaid Services (CMS) published a series of white papers that provide additional insight into the HIPAA Security Final Rule which cover the gamut from physical security controls to risk management to technical controls.

More information about HIPAA in general, as well as other Federal Health and IT related information, can be found at the Department of Health and Human Services website.

Finally, CMS has published the Sample - Interview and Document Request for HIPAA Security Onsite Investigations and Compliance Reviews, which, as the title implies, presents an idea of what to expect in an audit at the highest level.

For more information:

This was first published in July 2009

Dig deeper on HIPAA

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close