NIST has released its draft Interagency Report (IR) 7497, Security Architecture Design Process for Health Information Exchanges (HIEs), which is intended:
to provide a systematic approach to designing technical security architecture for the exchange of health information that leverages common government and commercial practices and that applies them
specifically to the HIE domain. This publication assists organizations in ensuring that data protection is adequately addressed throughout the system development life cycle, and that these data protection
mechanisms are applied when the organization develops technologies that enable the exchange of health information.
NIST requests that reviewers submit comments to draft-nistir7497-comments[at]nist.gov. The comment period for draft NIST IR 7497 closes on Friday March 13, 2009.
Thanks to Fergie for letting me know about this.