HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. All entities that maintain and/or transmit electronic healthcare data are required to comply.
Links to US Federal Security Standards & Recommendations
Department of Health and Human Services, Educational Series: Security 101 for Covered Entities
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/security101.pdf
Department of Health and Human Services, Educational Series: Administrative Safeguards
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/adminsafeguards.pdf
Department of Health and Human Services, Educational Series: Physical Safeguards
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/physsafeguards.pdf
Department of Health and Human Services, Educational Series: Technical Safeguards
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/techsafeguards.pdf
NIST – HIPAA Security Rule Toolkit
HIPAA Security Checklist
http://www.ihs.gov/hipaa/documents/ihs_hipaa_security_checklist.pdf
Industry Resources
HIPAA Collaborative of Wisconsin
http://hipaacow.org/resources/