The proposed HIPAA security rule as it currently stands does not require any sort of IT personnel certifications, and I can't imagine the final security rule requiring it either. There is, however, a requirement that "technical maintenance personnel" are trained in system security. Perhaps this will be clarified in the final rule. Either way, it's a best practice to ensure that all IT personnel are trained on current and new operating systems, applications and security. Certification could be seen as a side-benefit of that.
For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: HIPAA training certificates
Careers and Certification Tip: The vendor-neutral security certification landscape
Careers and Certification Tip: Survey of vendor-specific security certs
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.