Managing Government Regulatory Requirements for Security and Privacy Using Existing Standard Models
Transactions of the International Conference on Health Information Technology Advancement
  • Gregory Schymik, Grand Valley State University
  • Dan Shoemaker, University of Detroit Mercy
Document Type: Article
Version: Publisher PDF
Publication Date: 10-1-2013
Abstract

This paper posits the use of a well-established standard approach to Federal compliance, which can be easily adapted to satisfy all legal and regulatory requirements for protection of patient personally identifiable information (PII) in health organizations. This approach is embodied in the three standards that dictate how to comply with the Federal Information Security Management Act (FISMA). These standards also provide an excellent foundation for organizing a secure operation anywhere. The discussion revolves around the application of the FIPS 199 and FIPS 200/NIST 800-53(4) standard approach to the satisfaction of the present and upcoming legal and regulatory requirements for health care PII. The outcome would provide a proven, systematically secure and cost-efficient solution to those protection needs. The general approach will be explained and justified.

Citation Information
Gregory Schymik and Dan Shoemaker. "Managing Government Regulatory Requirements for Security and Privacy Using Existing Standard Models" (2013)
Available at: http://works.bepress.com/dan_shoemaker/1/