NIST compliance aims to harden federal systems against cyber-attacks. NIST Cybersecurity Framework outlines steps and best practices that data processors should follow. HIPAA outlines three types of standards that organizations must meet: Technical standards, Administrative standards, administrative standards, and password policies. The Health Insurance Portability and Accountability Act (HIPAA) steps in. These records are confidential and contain private information, hence why databases and data warehouses must employ strong protections. The agency warns that NIST guidelines do NOT create impenetrable systems.
Source: https://thehackernews.com/2021/04/nist-and-hipaa-is-there-password.html