Security and Compliance

Health Data Compass (HDC) 's cybersecurity plan is based on NIST 800-171 (53). The following domains are covered within NIST 800-171. HIPAA Security rule is mapped to NIST. Please email for additional information, as needed.

  1. Access Control

  2. Awareness and Training

  3. Audit and Accountability

  4. Configuration Management

  5. Identification and Authentication

  6. Incident Response

  7. Maintenance

  8. Media Protection

  9. Personnel Security

  10. Physical Protection

  11. Risk Assessment

  12. Security Assessment

  13. System and Communications Protection

  14. System and Information Integrity