Secretary Sylvia Mathews Burwell and Lisa O. Monaco write:
The health care system of the future is taking shape right now, and the foundation of that new system is health care data that is private, trusted and secure. Today, we are pleased to release the final Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision Medicine Initiative (PMI). The types, breadth, and sensitivity of the personal health, genetic, and environmental information that may be part of a precision medicine-type activity warrants careful attention and protection. Therefore, the Security Framework (modeled on the Administration’s Cybersecurity Framework) establishes security expectations for organizations who participate in PMI and provides a risk management approach to achieving those principles. To ensure that we are leading by example, Federal PMI agencies have committed to integrate the framework throughout all PMI activities.
Read more on the White House Blog.
tl;dr:
when you trace the security requirements all the way back, you arrive at FIPS-199/200 Moderate, along with SP800-39, 800-53, and the other various SP’s in the genre.