HIPAA Security Risk Analysis Tips – How to Get Started
I admit that I have become so steeped in HIPAA subject matter, in general, and the process of completing a HIPAA Security Risk Analysis, in particular, that I forgot that many organizations are just starting out. This post is aimed at getting back to basics. Here's today's big tip – Get a quick baseline education… here's how…
I’m a big believer in creating context for any team, and, in this case, your Risk Analysis team. There are many reasons healthcare organizations and most of their vendors/suppliers who also handle Protected Health Information (PHI) must complete a HIPAA Security risk analysis (per 45 CFR 164.308(a)(1)(ii)(A)) ranging from complying with the HIPAA Security Final Rule to earning incentive money for their recently implemented Electronic Health Record system to good business hygiene/risk management.
When it comes to getting a quick baseline education, I recommend the following four (4) “homework assignments” …
- View this 6/9/2011 (~60 minute) webinar: How to Conduct a Meaningful use Risk Analysis
- Read this 9-page Document: HHS / OCR Final Guidance on Risk Analysis
- Read the first 10 pages of this White Paper: HIPAA Security Risk Analysis Background and Requirements – A White Paper for Healthcare Professionals
- Read this blog post entitled “HIPAA Security Evaluation vs. HIPAA Risk Analysis: Explained”; we already have the first tool developed (http://HIPAASecurityAssessment.com); we're working in the second.
This will require some investment of your time, but I think it will pay huge dividends… Please feel free to send us any questions you may have!
Wanna be even more hip on HIPAA? Learn more…
If you'd like keep up to date on Risk Analysis or HIPAA-HITECH in general, please also consider (all optional!):
- Joining our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
- Following me: http://Twitter.com/AboutHIPAA
- Subscribing to our eNewsletter: https://app.e2ma.net/app/view:Join/signupId:61331/mailingId:3310893/acctId:36048
- Subscribing to our RSS feed: http://abouthipaa.com/feed/rss/
- Checking our company web site: http://clearwatercompliance.com/
- Attending a HIPAA HITECH live webinar: http://abouthipaa.com/webinars/upcoming-live-webinars/
- Attending a HIPAA HITECH Blue Ribbon Panel Live Web Event: http://abouthipaa.com/webinars/blue-ribbon-panel-live-events/
- Viewing a pre-recorded webinar: http://abouthipaa.com/webinars/on-demand-webinars/