
	Home > Ask the Security Experts > Security Management Questions & Answers > Are there guidelines to create a HIPAA-compliant data center?

Ask The Security Expert: Questions & Answers

EMAIL THIS

Are there guidelines to create a HIPAA-compliant data center?

EXPERT RESPONSE FROM: David Mortman, featured expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 06 July 2009
Is there a HIPAA compliance guideline for data centers? What is that minimum standard?

BROWSE BY TAG

Security Management, Security Audit, Compliance and Standards, HIPAA, Enterprise Data Protection, Database Security Management, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Security Management
	How to prepare for a FERPA audit
	Why doesn't the CISSP cover information assurance and DIACAP?
	Data breach notification legislation: What info must be released?
	Risk management strategy for an information technology solution provider
	HHS HIPAA guidance on encryption requirements and data destruction
	Writing a patient identifier policy to prevent common HIPAA violations
	How to write technology outsourcing contracts
	The requirements for being a PCI DSS-compliant service provider
	The requirements needed to make an external penetration test legal
	How to create configuration management plans to install DLP

HIPAA

Cost of security, IT management add up at healthcare facilities, study finds

Healthcare security spending remains sluggish, report shows

Creating a HIPAA employee training program

FTC extends breach notification to Web-based health repositories

HHS HIPAA guidance on encryption requirements and data destruction

Writing a patient identifier policy to prevent common HIPAA violations

HIPAA compliance: New regulations change the game

HIPAA compliance manual: Training, audit and requirement checklist

Key elements of a HIPAA compliance checklist

Quiz: How to meet HIPAA compliance requirements

HIPAA Research

Database Security Management

Content-aware IAM: Uniting user access and data rights

Trustwave acquires data loss prevention vendor Vericept

Why should we place data files on a separate partition than the OS?

How to prevent operating system cloning with AES 256-bit encryption

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

While there aren't official HIPAA compliance guidelines for data centers, there are several resources you can look to. Most notably, the Office of the Inspector General of the Department of Health and Human Services published a series of pointers toward security specifications for Medicaid. These specifications are what auditors use to validate covered entities for HIPAA.

Similarly, The Centers for Medicare and Medicaid Services (CMS) published a series of white papers that provide additional insight into the HIPAA Security Final Rule which cover the gamut from physical security controls to risk management to technical controls.

More information about HIPAA in general, as well as other Federal Health and IT related information, can be found at the Department of Health and Human Services website.

Finally, CMS has published the Sample - Interview and Document Request for HIPAA Security Onsite Investigations and Compliance Reviews, which, as the title implies, presents an idea of what to expect in an audit at the highest level.

For more information:

What are the differences between an SAS 70 data center and a Tier III data center? Read more.
Read more about who has rights to patient information under HIPAA.

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy