CMS releases final HIPAA Security Educational Paper

The Centers for Medicare and Medicaid Services (CMS) has released the final paper in the HIPAA Security Educational Paper series. Entitled Security Standards Implementation for the Small Provider, the paper is intended to assist small health care providers with HIPAA security rule compliance. In addition to an overview of the Security Rule standards as they apply to small organizations, the paper includes a table that describes each standard, an example of proper implementation, and questions that each organization should ask in order to evaluate compliance.

The other papers in the series include:

  • Security 101 for Covered Entities;
  • Security Standards Administrative Safeguards;
  • Security Standards Physical Safeguards;
  • Security Standards Technical Safeguards;
  • Security Standards Organizational, Policies and Procedures, and Documentation Requirements;
  • Basics of Risk Analysis and Risk Management;

To see a copy of the Security Standards Implementation for the Small Provider go to