HIPAA Security Risk Analysis
The HIPAA Security Risk Analysis, also known as a security risk assessment, is a fundamental process required by the HIPAA Security Rule. Health care providers, payers, clearinghouses and Business Associates are all required to conduct a HIPAA SRA. A limited-scope SRA is also required by the Meaningful Use (Advancing Care Information) program. For Meaningful Use, the SRA is required on an annual basis.
by Gary Pritts | Mar 31, 2012 | HIPAA
Hospitals and physician practices conducting computer security risk analyses for HIPAA compliance and for meaningful use (per HIPAA Security 45 CFR 164.308(a)(1)) must assess the threats and likelihood of occurrence. Because most breaches are never reported, accurate... Read More
by Gary Pritts | Mar 8, 2012 | HIPAA
HIPAA Covered entities, including hospitals and physicians who are implementing electronic records with hopes of attaining Meaningful Use and qualifying for federal incentives, are performing a computer security risk analysis, or risk assessment. Conducting regular... Read More
by Gary Pritts | Mar 2, 2012 | HIPAA
(Editor’s note, December 2015: while the information in this post remains relevant, 2015 could be called the year of the health care breach. During 2015 alone, approximately 1 out of every 3 Americans had some of their health care data stolen. New threats and... Read More
by Gary Pritts | Feb 24, 2012 | CMS Quality Payment Programs
5/23/2018 Editor’s Note: In April 2018, the Meaningful Use rules program has been renamed “Promoting Interoperability”. Nonetheless, the language of this requirement are unchanged and this post remains relevant in 2018. The Meaningful Use rules,... Read More
by Gary Pritts | Nov 9, 2011 | HIPAA
The random HIPAA compliance audits mandated under the HITECH Act will begin this month. Yesterday, the HHS Office of Civil Rights (OCR) announced that every covered entity and business associate is eligible for an audit. To guide future audit efforts, a wide range of... Read More
