Online tool to help providers comply with HIPAA security

The National Institute of Standards and Technology (NIST) is developing an online toolkit to help providers and health plans understand and comply with the HIPAA Security Rule. NIST has awarded a contract worth less than $1 million to Exeter Government Services to provide the software application. The toolkit will also assist organizations in assessing their compliance with the rule’s requirements. NIST plans to post the toolkit on its website once it is complete. The toolkit will utilize the open checklist interactive language (OCIL) and the extensible checklist configuration description format (XCCDF), which are part of the security content automation protocol (SCAP).