The Scope of a HIPAA Risk Assessment

Administrative Safeguard

-Risk analysis procedures & demonstration of a risk management process.
-Policies & procedures relevant to operational security, including business associate security requirements.

-Evidence of periodic technical & non-technical reviews.
-Information access restriction requirements & controls.
-Incident response procedures & disaster recovery plan.

Physical Safeguard

-Physical access controls, such as building access and appropriate record keeping.
-Policies & procedures for workstation security.
-Proper usage, storage, & disposal of data storage devices.

Technical Safeguard

-Auditing & audit procedures.
-Using encryption devices & tools if deemed appropriate.
-Implementation of technology to ensure ePHI integrity confidentiality, & availability

After determining your gaps, you will then have to remediate & track the outcome. Knowledge & expertise of the rules is essential when performing this process.

Our Software

HIPAA

OSHA

SOC 2

Custom Programs

Features

Designed For

Learn

Guides

Company

Why Compliancy Group

The Scope of a HIPAA Risk Assessment

Administrative Safeguard

Physical Safeguard

Technical Safeguard

Find out more about risk assessments and how to achieve, illustrate and maintain your HIPAA compliance.

Our Product

Features

Company

Resources

Featured Case Studies

From Our Blog

Get in Touch