Do you find the overall organization of the document appropriate? Do you have suggestions for improving the document’s organization?.NIST would appreciate feedback on the following questions (from the Note to Reviewers section): Lists additional resources that regulated entities may find useful in implementing the Security Rule.Identifies typical activities that a regulated entity might consider implementing as part of an information security program.Provides guidance for regulated entities on assessing and managing risks to ePHI.Includes a brief overview of the HIPAA Security Rule.All HIPAA-regulated entities must comply with the requirements of the Security Rule.
The HIPAA Security Rule specifically focuses on protecting the confidentiality, integrity, and availability of electronic protected health information (ePHI), as defined by the Security Rule. See an update on the revision of NIST SP 800-66.
