HIPAA Security Risk Analysis Tips – How to Get Started

This entry is part 6 of 39 in the series HIPAA Security Risk Analysis Tips

I admit that I have become so steeped in HIPAA subject matter, in general, and the process of completing a HIPAA Security Risk Analysis, in particular, that I forgot that many organizations are just starting out.  This post is aimed at getting back to basics.  Here's today's big tip – Get a quick baseline education… here's how…

getting started with HIPAA Security Risk AnalysisI’m a big believer in creating context for any team, and, in this case, your Risk Analysis team.  There are many reasons healthcare organizations and most of their vendors/suppliers who also handle Protected Health Information (PHI) must complete a HIPAA Security risk analysis (per 45 CFR 164.308(a)(1)(ii)(A)) ranging from complying with the HIPAA Security Final Rule to earning incentive money for their recently implemented Electronic Health Record system to good business hygiene/risk management.

When it comes to getting a quick baseline education, I recommend the following four (4) “homework assignments” …

  1. View this 6/9/2011 (~60 minute) webinar: How to Conduct a Meaningful use Risk Analysis
  2. Read this 9-page Document: HHS / OCR Final Guidance on Risk Analysis
  3. Read the first 10 pages of this White Paper:  HIPAA Security Risk Analysis Background and Requirements – A White Paper for Healthcare Professionals
  4. Read this blog post entitled “HIPAA Security Evaluation vs. HIPAA Risk Analysis: Explained”; we already have the first tool developed (http://HIPAASecurityAssessment.com); we're working in the second.

This will require some investment of your time, but I think it will pay huge dividends…  Please feel free to send us any questions you may have!

Wanna be even more hip on HIPAA? Learn more…

The complete HIPAA Privacy, Security and Breach regulations are here.

If you'd like keep up to date on Risk Analysis or HIPAA-HITECH in general, please also consider (all optional!):

Series Navigation<< HIPAA Security Risk Analysis Tips – Risk Analysis MethodologyHIPAA Security Risk Analysis Checklist >>

No comments yet.

Leave a Reply