Related Links

Helpful Sites

• National Institute of Standards and Technology (NIST) FIPS 140-2 Standard Cryptographic Module Validation Program (CMVP)
• U.S. Department of Health and Human Services (HHS) Encryption Standard for Mobile Devices and Portable Media (2007-0001.001S)
• Project Assessment for Compliance with Related Processes (CDC Unified Process)
• Microsoft^® Security Central: www.microsoft.com/security/
• National Institutes of Health Personally Identifiable Information

Reference Documents

• CDC's Registry Plus™ Security Features (PDF-62KB)
• Software Product Security Evaluation (DOC-98KB) to request permission to install software on CDC's network
• Moderate NIST Control Document (DOC-687KB) outlines security reviews prior to the installation of software applications on CDC's network
• NIST checklist for protection of remote information (PDF-118KB)
• Standards for Cancer Registries Volume III: Standards for Completeness, Quality, Analysis, Management, Security and Confidentiality of Data,* (PDF-969KB) especially Chapter 6, "Security and Confidentiality"
• U.S. General Services Administration SmartBUY Program Overview and Data at Rest (DAR) Encryption Fact Sheet (DOC-56KB)
• U.S. Department of Health and Human Services Laptop Encryption Policy (DOC-38KB)
• Memo M-06-16 (PDF-118KB) “Protection of Sensitive Agency Information” from the Executive Office of the President, OMB
• Memo M-07-16 (PDF-227KB) “Safeguarding Against and Responding to the Breach of Personally Identifiable Information” from the Executive Office of the President, OMB

Please note: Some of these publications are available for download only as *.pdf files. These files require Adobe Acrobat Reader in order to be viewed. Please review the information on downloading and using Acrobat Reader software.

Please note: Some of these publications are available for download only as *.doc files. These files require Microsoft Word in order to be viewed. Please review the information on downloading and using Word Viewer software.

*Links to non-Federal organizations found at this site are provided solely as a service to our users. These links do not constitute an endorsement of these organizations or their programs by CDC or the Federal Government, and none should be inferred. CDC is not responsible for the content of the individual organization Web pages found at these links.