Security Risk Analysis – Beyond satisfying HIPAA compliance requirement

A Security Risk Analysis may seem like just another compliance requirement, but it makes good business sense as well.

Physician practices, clinics and small businesses that qualify as Business Associates under the new HIPAA Omnibus Final Rule are under tremendous pressure to meet very stringent compliance requirements as of September 23, 2013, when many of the enforcement provisions kick in. Perhaps most daunting and confusing is to complete a Security Risk Analysis, which is a foundational requirement of the HIPAA Security Rule.

While it may seem unfair and frustrating, the risk analysis requirement makes a lot of sense. It provides you with a “big picture” view on what actions are the most critical and therefore cost effective for protecting electronic Protected Health Information (ePHI). While completing a Security Risk Analysis for larger health care providers and BAs typically will require the expertise and “hands on” assistance from security professionals, many small practices and businesses can accomplish this on their own using tools and resources that are freely available from HHS and other organizations. The key is making sure you meet the requirements for a proper risk analysis, which were published by the OCR in July 2010.

On September 5, we are hosting a webinar specifically designed for smaller health care providers and business associates that need to complete a HIPAA risk analysis. We’re not going to spend a lot of time outlining all the section and subsections of the Security Rule. Instead, we will provide practical information and advice that your staff or IT professional needs to know and a clear roadmap to meeting compliance requirements.

 

Share this in :
  •  
  •  
  •  
  •  
The following two tabs change content below.
Our mission is to assist healthcare organizations and business associates in the development, design, and implementation of practices to secure IT systems and comply with HIPAA/HITECH privacy, security, breach and enforcement rules by protecting patient health information.

Subscribe for Updates

Upcoming Events

  1. Managing the Risks of a Healthcare Data Breach

    April 6 @ 12:00 pm - 1:30 pm