HIPAA requires that covered entities conduct a risk assessment of their healthcare organization. A risk assessment helps these organizations ensure compliance with HIPAA’s administrative, physical and technical safeguards. A risk assessment also helps reveal areas where an organization’s protected health information (PHI) could be at risk. The Office for Civil Rights released tools to assist covered entities. The Security Risk Assessment (SRA) Tool application lets a covered entity take a self-directed tour of HIPAA standards and helps conduct a risk assessment at the covered entity’s own pace. The tool shows each HIPAA standard that must be addressed and provides space to document how the covered entity will meet or plan to meet the current standard.
If you have any questions or we can be of assistance, please let us know. Thanks.
By Denise Bloch