HIPPA Compliance - How can we get started?

Good evening,

We have been told that our server and workstations need to be HIPPA compliant. I have searched for a list of guidelines for System Administrators but have not been successful in finding anything that doesn't require purchase of an application, etc...

Is there a good resource that provides guidelines and recommendations for putting an action plan together to make our systems compliant?

Any suggestions will be greatly appreciated.

Thanks
Poly11Asked:
Who is Participating?
 
khairilConnect With a Mentor Commented:
HIPAA is related to medical related data privacy which means anything that related to gather, process or outputting medical records must comply with certain guidelines that defined by HIPAA.

Like ISO, ITIL, HIPAA present guidelines how to the situation must be, not how exactly in technical term the configuration of the system being done - in other words it does spell what it needs but not how to do it.

I attach here, the public publication of National Institude of Standards and Technology US. Just like ISO, most of the situation are based on questions.

This document is general guidelines, the will not go detail on the implementations. So many vendor create tools or do consultation based on the guidelines - which why when you search the web, most result are about selling product or consultation.

If you are serious, then go get a book on it, read and understand, this is the good one to start, http://www.amazon.com/Practical-Guide-Privacy-Security-Compliance/dp/0849319536#_


SP-800-66-Revision1.pdf
0
 
Poly11Author Commented:
Thank you, the book has all of the information I need to get started!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.