NIST OKs contract for HIPAA electronic toolkit

Providers and healthcare organizations looking for additional assistance in meeting the requirements of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule may soon get their wish. The National Institute of Standards and Technology (NIST) has awarded a contract to develop an new online toolkit and manual.

The contract, valued at less than $1 million, was awarded to Exeter Government Services of Gaithersburg, MD, to provide the software application, according to Government Health IT. Funding is being provided under the American Recovery and Reinvestment Act.

Target users of the new online tool can range in size from a large nationwide health plan with vast information technology resources to small healthcare providers with limited access to IT expertise, according to NIST in a Jan. 31 announcement on the Federal Business Opportunities website.

The toolkit will enable NIST to use the open checklist interactive language (OCIL), a standard used to express and evaluate non-automated (i.e., manual) security checks, and the extensible checklist configuration description format (XCCDF), which will provide a uniform foundation for expression of security checklists, benchmarks, and other configuration guidance, according to the announcement.

Both of these standards are part of the security content automation protocol (SCAP), which are a set of standards used to monitor, manage, and assess compliance with security configurations in applications and computer systems.

The application will be placed on NIST's website when it is completed.

For more details:
- read this Government Health IT article
- view the article at
- see the Federal Business Opportunities website

Suggested Articles

Roche, which already owned a 12.6% stake in Flatiron Health, has agreed to buy the health IT company for $1.9 billion.

Allscripts managed to acquire two EHR platforms for just $50 million by selling off a portion of McKesson's portfolio for as much as $235 million.

Artificial intelligence could help physicians predict a patient's risk of developing a deadly infection.