HIPAA Security Risk Analysis Tips – Risk Analysis White Paper
Although HIPAA Security Final Rule required a Risk Analysis be completed and updated by April 2005, many organizations are just getting started. Here's today's big tip – Read this primer! …
It's not optional! You must perform a HIPAA Security Risk Analysis (45 C.F.R. § 164.308(a)(1)(ii)(A)). Forget HIPAA! Forget the upcoming mandatory HIPAA audits!
If you want to exercise due care in standing up your privacy and security risk management program, a risk analysis is one of the foundational steps. Don't wait!
Risk analysis (Required). Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity.
Read: HIPAA Security Risk Analysis Background and Requirements – A White Paper for Healthcare Professionals for more on completing a HIPAA Security Risk Analysis. This document provides background about and specific requirements regarding a HIPAA Risk Analysis. It describes our Security Risk Analysis and Management Methodology and the rationale behind our approach.
As required by The HITECH Act, the Office for Civil Rights has issued final “Guidance on Risk Analysis Requirements under the HIPAA Security Rule”. (July 2010). We advise all Covered Entities and Business Associates to review the Final Guidance and become familiar with the applicable standards and implementation specifications.
Check out the Clearwater HIPAA Security Risk Analysis ToolKit™ to jump-start your program.
Wanna be even more hip on HIPAA? Learn more…
If you'd like keep up to date on Risk Analysis or HIPAA-HITECH in general, please also consider (all optional!):
- Joining our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
- Following me: http://Twitter.com/AboutHIPAA
- Subscribing to our eNewsletter: https://app.e2ma.net/app/view:Join/signupId:61331/mailingId:3310893/acctId:36048
- Subscribing to our RSS feed: http://abouthipaa.com/feed/rss/
- Checking our company web site: http://clearwatercompliance.com/
- Attending a HIPAA HITECH live webinar: http://abouthipaa.com/webinars/upcoming-live-webinars/
- Attending a HIPAA HITECH Blue Ribbon Panel Live Web Event: http://abouthipaa.com/webinars/blue-ribbon-panel-live-events/
- Viewing a pre-recorded webinar: http://abouthipaa.com/webinars/on-demand-webinars/