Problem solve Get help with specific problems with your technologies, process and projects.

Are there guidelines to create a HIPAA-compliant data center?

Are there specific guidelines for creating a HIPAA compliant data center? In this expert response, security management expert David Mortman suggests resources to boost compliance.

Is there a HIPAA compliance guideline for data centers? What is that minimum standard?

While there aren't official HIPAA compliance guidelines for data centers, there are several resources you can look...

to. Most notably, the Office of the Inspector General of the Department of Health and Human Services published a series of pointers toward security specifications for Medicaid. These specifications are what auditors use to validate covered entities for HIPAA.

Similarly, The Centers for Medicare and Medicaid Services (CMS) published a series of white papers that provide additional insight into the HIPAA Security Final Rule which cover the gamut from physical security controls to risk management to technical controls.

More information about HIPAA in general, as well as other Federal Health and IT related information, can be found at the Department of Health and Human Services website.

Finally, CMS has published the Sample - Interview and Document Request for HIPAA Security Onsite Investigations and Compliance Reviews, which, as the title implies, presents an idea of what to expect in an audit at the highest level.

For more information:

This was last published in July 2009

Dig Deeper on HIPAA

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.