The website offers Top 10 Myths of Security Risk Analysis.(5) It discusses things like the fact that all providers who are “covered entities” under HIPAA are required to perform a risk analysis.(5) There is a Tool User Guide, and it is available for Windows and Mac users. There is also a Tutorial video to help providers begin using the tool. Videos on risk analysis and contingency planning are available at the website to provide further context.
HIPAA requires organizations that handle protected health information to frequently review the administrative, physical, and technical safeguards they have in place to protect the security of the information. These risk assessments can expose possible weaknesses in security policies, processes, and systems. Risk assessments also help providers address vulnerabilities, possibly preventing health data breaches or other adverse security events.
Make sure your office is HIPAA compliant!
RELATED | Team EHR: Everything you and your dental team need to know about electronic dental records
“The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires that covered entities conduct a risk assessment of their healthcare organization. A risk assessment helps your organization ensure it is compliant with HIPAA’s administrative, physical, and technical safeguards. A risk assessment also helps reveal areas where your organization’s protected health information (PHI) could be at risk. Watch the Security Risk Analysis video to learn more about the assessment process and how it benefits your organization or visit the Office for Civil Rights' official guidance.” (1) Many offices are now using electronic health records (EHRs). They have changed the manner in which care is delivered and compensated. With EHRs, information is available whenever and wherever it is needed.(2)