Article | March 4, 2021

Implement NIST CSF For HIPAA Safe Harbor

By Mike Semel, president of Semel Consulting

Medical Healthcare TEchnology

A new federal law plans to reward HIPAA covered entities and business associates for implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

The law provides ‘safe harbor’ from HIPAA data breach penalties and allows audits to be terminated early if an organization can demonstrate that it has implemented the government-recognized cybersecurity program for the previous 12 months.

The new regulations for HIPAA, HR 7898, were signed into law on January 5, 2021, but will need to go through rule-making processes before they take effect. However, because the mandate requires regulators to confirm that an organization’s cybersecurity programs have been in effect for the previous 12 months, covered entities and business associates can start implementing the controls now to take advantage of the reduced risk of fines and audits.

VIEW THE ARTICLE!
Signing up provides unlimited access to:
Signing up provides unlimited access to:
  • Trend and Leadership Articles
  • Case Studies
  • Extensive Product Database
  • Premium Content
HELLO. PLEASE LOG IN. X

Not yet a member of MSPinsights? Register today.

ACCOUNT SIGN UP X
Please fill in your account details
Login Information
ACCOUNT SIGN UP

Subscriptions

Sign up for the newsletter that brings you the industry's latest news, technologies, trends and products.