New HIPAA guidance is on the way, here’s the good and the bad.

New HIPAA Guidance

Years ago, at a HIPAA conference in DC hosted by NIST, it was announced that an update to 800-66 would be coming. Almost 10 years later, we now have a draft copy of this paper - 800-66r1. Why is this significant? 800-66 was the most significant guidance the government ever issued on how to conduct risk assessments in healthcare. It was exceptionally detailed and comprehensive, and many leading HIPAA compliance companies - us included - used it as the template for their process.

Why does this matter to you?
The fact that NIST has updated this document means the compliance and assessment processes you're working with will need to change. The good news is this new guidance will make your systems and your organization more secure. The bad news, however, is you'll be expected to address this new guidance and invest in these new best practice recommendations.

It's going to take a year or two for this new guidance to work its way fully through the compliance and cybersecurity industries, but as this happens, you'll be challenged to meet increased budgetary requirements and invest additional time to bring yourself up to the new standard.

It's certainly possible to follow this track yourself, but Acentec and our HIPAA Security Suite team are ready and able to take your organization into compliance with the updated NIST guidance.

Let us know how we can be of service to your organization. From HIPAA compliance to cybersecurity vulnerability and penetration testing to IT consulting and management, our 18 years of dedicated healthcare technology experience is here to serve you.

HIPAA Security Reminders


HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

The Standard in Section 164.308(a)(5) of the HIPAA Security Rule states: "Implement a security awareness and training program for all members of its workforce (including management)."

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.
