HIPAA Security Risk Analysis Tips – Risk Analysis White Paper

This entry is part 8 of 39 in the series HIPAA Security Risk Analysis Tips


Although HIPAA Security Final Rule required a Risk Analysis be completed and updated by April 2005, many organizations are just getting started.  Here's today's big tip – Read this primer! 

HIPAA security risk value matrixIt's not optional!  You must perform a HIPAA Security Risk Analysis (45 C.F.R. § 164.308(a)(1)(ii)(A)).  Forget HIPAA!  Forget the upcoming mandatory HIPAA audits

If you want to exercise due care in standing up your privacy and security risk management program, a risk analysis is one of the foundational steps.  Don't wait!

Risk analysis (Required). Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity.

Read: HIPAA Security Risk Analysis Background and Requirements – A White Paper for Healthcare Professionals for more on completing a HIPAA Security Risk Analysis.  This document provides background about and specific requirements regarding a HIPAA Risk Analysis. It describes our Security Risk Analysis and Management Methodology and the rationale behind our approach.

As required by The HITECH Act, the Office for Civil Rights has issued final “Guidance on Risk Analysis Requirements under the HIPAA Security Rule”.  (July 2010).  We advise all Covered Entities and Business Associates to review the Final Guidance and become familiar with the applicable standards and implementation specifications.

Check out the Clearwater HIPAA Security Risk Analysis ToolKit™ to jump-start your program.

Wanna be even more hip on HIPAA? Learn more…

The complete HIPAA Privacy, Security and Breach regulations are here.

If you'd like keep up to date on Risk Analysis or HIPAA-HITECH in general, please also consider (all optional!):

Series Navigation<< HIPAA Security Risk Analysis ChecklistClearwater Risk Analysis ToolKit >>

No comments yet.

Leave a Reply