Health industry urges NIST to help set 'common' framework for cybersecurity compliance

Healthcare information managers are asking the National Institute of Standards and Technology to help the industry develop a “common” approach for determining compliance with numerous requirements for protecting patient data.

The industry has a “strong unified desire for a 'common' or 'standard' accepted framework with a corresponding standard model to measure maturity and compliance,” writes the College of Healthcare Information Management Executives and the Association for Executives in Healthcare Information Security in comments to NIST.

The groups argue that...