Details
- Change Request
- Resolution: Persuasive with Modification
- Highest
- National Directory of Healthcare Providers and Services (NDH) (FHIR)
- current
- Patient Administration
- Home
- security
- Bob Dieterle / David Pike : 6-0-0
- Correction
- Compatible, substantive
Description
See section:
"The following are security conformance requirements for the overall program/system:
• NDH implementers SHOULD establish a risk analysis and management regime that conforms with HIPAA security regulatory requirements. In addition, implementers in the US Federal systems SHOULD conform with the risk management and mitigation requirements defined in NIST 800 series documents. This SHOULD include security category assignment in accordance with NIST 800-60 vol. 2 Appendix D.14. The coordination of risk management and the related security and privacy controls - policies, administrative practices, and technical controls - SHOULD be defined in the Business Associate Agreements."
The first SHOULD needs to be changed to a SHALL for covered entities in order to comply with HIPAA.