Proposed Security and Electronic Signature Standards, 8/12/98 PDF [265 K]

Preamble

Summary and Introduction
Background
Provisions of this Proposed Rule
Definitions
Effective Dates--General
Security Standard--General
Administrative Procedures
Physical Safeguards to Guard Data Integrity, Confidentiality, and Availability
Technical Security Services to Guard Data Integrity, Confidentiality, and Availability
Technical Security Mechanisms to Guard Against Unauthorized Access to Data that is Transmitted over a Communications Network
Electronic Signature Standard
Selection Criteria and Consultations
Rules for Security Standards and Electronic Signature Standard and Effective Dates
Implementation and New and Revised Standards
Impact Analysis
Collection of Information Requirements

Regulation

Subpart A--General Provisions

142.101 Statutory basis and purpose.
142.102 Applicability.
142.103 Definitions.
142.104 General requirements for health plans.
142.105 Compliance using a health care clearinghouse.
142.106 Effective dates of a modification to a standard or implementation specification.

Subpart B--Reserved

Subpart C--Security and Electronic Signature Standards

142.302 Applicability and scope.
142.304 Definitions.
142.306 Rules for the security standard.
142.308 Security standard.
142.310 Electronic signature standard.
142.312 Effective date of the initial implementation of the security and electronic standards.

Addendum 1: HIPAA SECURITY MATRIX
Addendum 2: HIPAA SECURITY AND ELECTRONIC SIGNATURE STANDARDS GLOSSARY OF TERMS
Addendum 3: HIPAA SECURITY MATRIX-mapping