HIPAA Security Risk Analysis
The HIPAA Security Risk Analysis, also known as a security risk assessment, is a fundamental process required by the HIPAA Security Rule. Health care providers, payers, clearinghouses and Business Associates are all required to conduct a HIPAA SRA. A limited-scope SRA is also required by the Meaningful Use (Advancing Care Information) program. For Meaningful Use, the SRA is required on an annual basis.
by Gary Pritts | Feb 13, 2014 | HIPAA
[Editor’s Note: During 2016 Healthcare experienced a dramatic increase of virulent ransomware attacks. Please also see a more a more comprehensive list of security contols in the post Preventing and Mitigating Ransomware Attacks, posted 10/4/2016.] A nasty... Read More
by Gary Pritts | Feb 4, 2014 | HIPAA
Several recent enforcement actions from the HHS Office of Civil Rights, along with OCR’s consistent messaging, have highlighted the importance of the HIPAA security risk analysis for healthcare organizations. Further, recent cases make it clear that a... Read More
by Gary Pritts | Jan 17, 2014 | HIPAA
That’s right, even a refrigerator can now fall victim to hackers. According to security firm Proofpoint, more than 750,000 malicious emails were sent between Dec. 23, 2013 and Jan. 6, 2014, when hackers gained access to smart devices, such as common appliances, left... Read More
by Gary Pritts | Oct 1, 2013 | HIPAA
Healthcare organizations have good reason to adjust their threat assessments when updating their HIPAA Security risk analysis as required for HIPAA and meaningful use compliance. Based on a number of recent events, we know more about the capabilities and activities of... Read More
by Gary Pritts | Sep 13, 2013 | HIPAA
Medical Identity Theft is on the rise according to the latest Ponemon Institute research released yesterday. Ponemon estimates that 1.8 million people, just under 1% (0.8%) of U.S. adults, were affected in 2013, a 19% increase over 2012. Based on survey data from... Read More
