NIST Guidelines

The NIST Cybersecurity Framework provides a policy framework of computer security guidance for how private sector organizations in the United States can assess and improve their ability to prevent, detect, and respond to cyber attacks. It is unrecognized outside the USA.

NIST Special Publication 800-53 is part of the Special Publication 800-series that reports on the Information Technology Laboratory’s (ITL) research, guidelines, and outreach efforts in information system security, and on ITL’s activity with industry, government, and academic organizations.  NIST Special Publication 800-53 provides a catalog of security controls for all U.S. federal information systems except those related to national security.  NIST Special Publication 800-53 covers the steps in the Risk Management Framework that address security control selection for federal information systems in accordance with the security requirements in Federal Information Processing Standard (FIPS) 200.

NIST Special Publication SP 800-171 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” provides requirements for protecting the confidentiality of Controlled Unclassified Information (CUI). The requirements apply to all components of nonfederal information systems and organizations that process, store, or transmit CUI, or provide security protection for such components. The CUI requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and nonfederal organizations.

EHR 2.0’s NIST security framework covers the following: 

  1. 800-53 – Low-Impact Information System
  2. 800-53 – Moderate Impact Information System
  3. 800-53 – High Impact Information System
  4. NIST Special Publication SP 800-171
  5. NIST Cybersecurity Framework
  6. NIST SP-30

EHR 2.0’s certified privacy and security professionals can help your organization comply with the requirement in the most efficient and cost-effective way.

Our deliverables include, but are not limited to:

  • Assessment Report
  • Staff Training
  • Customized Policies and Procedures
