The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires that covered entities conduct a risk assessment of their healthcare organization.
A risk assessment helps your organization ensure it is compliant with HIPAA’s administrative, physical, and technical safeguards. A risk assessment also helps reveal areas where your organization’s protected health information (PHI) could be at risk. Watch the Security Risk Analysis video to learn more about the assessment process and how it benefits your organization, or visit the Office for Civil Rights’ official guidance.
HHS (Health and Human Services) is now providing health care providers in small to medium sized offices a new security risk assessment tool that will guide them in conducting risk assessments of their organizations.
The security risk assessment (SRA) tool comes from a combined effort between the Office for Civil Rights and the HHS Office of the National Coordinator for Health Information Technology.
Organizations, with the guidance of the tool, will be able to carry out and document risk assessments with efficacy; the practices will be able to assess information security risks under the HIPAA Security Rule. The application for the tool can be downloaded from www.HealthIT.gov/security-risk-assessment.
HIPAA requires such organizations to routinely evaluate their physical, technical and administrative safeguards to preserve information security.
Deploying the risk assessments will enable health care providers to unveil possible loopholes in their systems and security policies, plus address susceptibilities—all of this will help stave off health data breaches and other security mishaps.
The HIPAA Security Rule requires conduction of the security risk assessment by health care providers that seek payment via the Medicaid and Medicare HER Incentive Program.
A user guide and tutorial video are available on the SRA tool’s website.
Additionally, the site provides videos on risk analysis.
Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.