- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
HIPAA-compliant configuration guidelines for Information Security in a Medical Center environment
- Abstract
- The Health Insurance Accountability and Portability Act of 1996 (HIPAA) was passed by Congress and signed into law by President Bill Clinton. This Act mandates that health care providers and other covered entities implement comprehensive privacy of protected health information of patients. HIPAA regulations cover three important areas: information privacy, information security, and standardization of transaction code sets. It should be noted that the rules for the HIPAA Security standards were proposed in August, 1998. As of the date of this writing, the final Security rules had not been published in the Federal Register, which is the last step to making them law. The final HIPAA security regulations will become effective two years after the date of their publication in the Federal Register, so the final compliance date has not been set.