For small to medium sized healthcare organizations, the US Department of Health & Human Services (HHS) Office for Civil Rights (OCR) just teamed up with the Office of the National Coordinator for Health Information Technology (ONC) to create new security risk assessment (SRA) tool to help with HIPAA compliance.
HIPAA requires that covered entities conduct a risk assessment of their healthcare organizations, something that smaller organizations struggle to do. Risk assessments help ensure that organizations remain compliant with HIPAA’s administrative, physical and technical safeguards, revealing potential areas where protected health information (PHI) could be at risk.
The ONC put together this video about the importance of a Security Risk Analysis:
[youtube height="HEIGHT" width="WIDTH"]https://www.youtube.com/watch?v=hNUBMLVr9z4[/youtube]
The new SRA tool, available for download here, was created to help small and medium-sized healthcare organizations walk through the process of conducting a SRA. Additional instructional videos have been put together to go over the importance of contingency planning as well as specific information on the SRA tool:
[youtube height="HEIGHT" width="WIDTH"]https://www.youtube.com/watch?v=cZebs00sF00[/youtube]