1.0
|
31 Dec 2015 |
HPH Joint Cybersecurity WG,
|
Final document consolidating content from multiple documents/resources to support intent of broader implementation guidance for the HPH sector and incorporating comments from the Risk Mgmt. Sub-working Group, the Public, and a final review by HHS. Contains placeholders for additional content being developed by the Risk Mgmt. Sub-Working Group for the next version of the Guide.
|
1.1
|
15 May 2016
|
HPH Joint Cybersecurity WG,
Risk Management SG
|
Incorporates OCR’s NIST Cybersecurity Framework-to-HIPAA crosswalk, updates CNSSI No. 4009 definitions to reflect its 2015 release; and makes other minor corrections.
|
2.0
|
20 Apr 2022
|
HSCC CWG TG-1A and HHS CWG |
Generalizes the implementation approach to reflect how tailored overlays of one or more NIST Cybersecurity Framework Informative References can be leveraged to create an organization or industry sector-specific control overlay. Expands on the framework-based approach to risk analysis. Removes/adds various appendices to accommodate work performed elsewhere in the JCWG. Includes additional updates stemming from the release of v1.1 of the NIST Cybersecurity Framework.
|