Below is a listing of publicly available Framework resources relevant to Small and Medium-sized businesses. For additional information about cybersecurity resources for small businesses, please visit the NIST Small Business Cybersecurity Corner.
The Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the HHS Office for Civil Rights (OCR)’s SRA Tool
(A tool designed to help healthcare providers conduct a security risk assessment as required by the HIPAA Security Rule and the Centers for Medicare and Medicaid Service (CMS) Electronic Health Record (EHR) Incentive Program.)
The Healthcare and Public Health Sector Coordinating Council’s (HSCC) Health Industry Cybersecurity Supply Chain Risk Management Guide (HIC-SCRiM)
(A toolkit for providing actionable guidance and practical tools for organizations to manage cybersecurity risks.)