HIPAA Information Security Standards - UTD Information Security

As technologies that store or process protected health information (PHI) emerge, and that will be used at UT Dallas, standards may be created and updated by subject experts who are given the authority, through policy, to publish such standards. The UT Dallas Information Security and Acceptable Use Policy (UTDBP3096) defines the following:

Information Security Standards: Documented controls specified for specific technology components which, when implemented, reduce risk of compromise (e.g., change default passwords, disable unnecessary services, apply current compatible patches, include in backup scheme).

Please refer to the following HIPAA-specific standards to ensure UT Dallas information systems and processes are operating in a secure manner compliant with policy and industry best practices.

HIPAA Account Management Standard (pdf)
HIPAA Cloud Services Standard (pdf)
HIPAA Collaborative Computing Standard (pdf)
HIPAA Database Standard (pdf)
HIPAA Data Storage Standard (pdf)
HIPAA Desktops and Laptops Standard (pdf)
HIPAA Guest Access Standard (pdf)
HIPAA Mobile Device Standard (pdf)
HIPAA Network Firewall Standard (pdf)
HIPAA Portable Media Security Standard (pdf)
HIPAA Callier Center Risk Management Standard (pdf)
HIPAA Secure Office Suite Standard (pdf)
HIPAA Server Room Standard (pdf)
HIPAA Server Standard (pdf)
HIPAA Web Application Standard (pdf)