SSL – Privacy Design® / [protecting people by good design, solid security, efficient processes and trusted services] Thu, 30 May 2019 10:56:01 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 /wp-content/uploads/2018/02/cropped-favicon-32x32.jpg SSL – Privacy Design® / 32 32 HHS and HIPAA – Caveats on HHS web site content! /2019/05/30/hhs-and-hipaa-caveats-on-hhs-web-site-content/ Thu, 30 May 2019 10:46:35 +0000 /?p=807 Continue reading "HHS and HIPAA – Caveats on HHS web site content!"

]]> On the HHS web site, HHS links to the NIST SP 800 -52 Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations

But https://www.hhs.gov/hipaa/for-professionals/security/guidance/index.html?language=es

is linking to an OUTDATED (local copy) version of NIST 800-52 from back in 2005. The effective version (from 2014) is at https://csrc.nist.gov/publications/detail/sp/800-52/rev-1/final

Changes are a little bit explained here: https://www.nist.gov/news-events/news/2014/04/nist-revises-guide-use-transport-layer-security-tls-networks

However, there is also a new draft version – with IMPORTANT COMMENTS at 

https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/draft

]]>