How to integrate ISO 27001:2013 with HIPAA security rules
Answer: By implementing ISO 27001 alone, you will achieve only partial compliance with HIPAA; however, you might consider the combination of ISO 27001 and ISO 27799, as described in this article: How ISO 27001 and ISO 27799 complement each other in health organizations https://advisera.com/27001academy/blog/2016/06/13/how-iso-27001-and-iso-27799-complement-each-other-in-health-organizations/
Thank you for explaining. My understanding is that the HIPAA security rules can be easily accommodated by implementing ISO 27001:2013 in letter and spirit, because the HIPAA security rules specify three requirements, i.e., security should be managed administratively, technically and physically, and this is pretty much the same concept as the ISO 27001:2013 standard.
Oct 26, 2016