How to Apply NIST SP 800-66 to Meet HIPAA Third-Party Risk Management Requirements

According to the American Hospital Association, the number of third-party cyberattacks in the healthcare industry is rising – resulting in unwanted access to PHI and risking disruptions to patient care. Implementing provisions required by the HIPPA Security Rule can provide a baseline of controls to measure data privacy and security, but where do you start?

NIST developed SP 800-66 to help healthcare delivery organizations understand and provide a framework to support the implementation of the HIPAA Security Rule, but its requirements can be complex to decipher.

Join compliance expert Thomas Humphreys as he breaks down what you need to know about NIST 800-66 and how the requirements impact your third-party business associates, including:

In this webinar, Thomas:

• Explains which HIPAA Security Rule provisions call for third-party risk assessments
• Maps key third-party risk management capabilities to HIPAA Security Rule Implementation Guidance and HIPAA Security Rule Requirements
• Examines how to address the requirements using NIST SP 800-66r2 and the HIPAA Security Rule

The third-party business associate risk landscape is rapidly expanding for healthcare organizations. Watch this webinar to understand how to use NIST SP 800-66 as a framework to meet HIPAA requirements.