> Where can I find information on the current HIPAA Security Standards?
http://aspe.hhs.gov/admnsimp/Index.htm --- U.S. Health and Human Svcs. Two pages off this page that discuss security and privacy rules (proposed and otherwise). There is also a link to implementation guides, that are more broad based. The background page is very informative, if a little dry. http://www.hhs.gov/ocr/hipaa/ --- Everything you want to know about the privacy side of HIPAA. http://www.hcfa.gov/medicare/edi/edi.htm --- Medicare/Medicaid page. They have a mail list that will notify you of admin simplification document changes. http://www.hcfa.gov/medicaid/hipaa/adminsim/default.htm --- Specific to Medicaid HIPAA amdin rules. Some which will affect privacy and/or security. http://snip.wedi.org/public/articles/details.cfm?id=118 --- list of regional implementation contacts. This people can usually send you in the right direction if you need help. They don't know computer security, but they know HIPAA. http://www.hcfa.gov/medicaid/hipaa/default.asp --- Health Care financing Admin page. Link in middle of page to an 'interactive' help page. While geared more toward the end user, it will give you an idea of what they are expecting. As far as I know there is not a site dedicated to securing a site that is affected by HIPAA. We are working with our clients (mostly doctors) trying to implement a sound structure to meet the rules. So far is has not been easy.
