Software certification requirements under HIPAA
Is HIPAA going to require IT people to be certified in certain areas of software (for example, MCSE or CCA) if they use that software at their site for security reasons?
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
The proposed HIPAA security rule as it currently stands does not require any
sort of IT personnel certifications, and I can't imagine the final security
rule requiring it either. There is, however, a requirement that "technical
maintenance personnel" are trained in system security. Perhaps this will be
clarified in the final rule. Either way, it's a best practice to ensure that
all IT personnel are trained on current and new operating systems,
applications and security. Certification could be seen as a side-benefit of
that.
For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert:
HIPAA training certificates
Careers and Certification Tip:
The vendor-neutral security certification landscape
Careers and Certification Tip:
Survey of vendor-specific security certs
Dig Deeper
-
People who read this also read...
This was first published in January 2003