Completing Your Annual HIPAA Risk Assessment Before the Deadline

You must complete a HIPAA risk assessment each year, and now is the time to do so. Conducting an annual HIPAA risk assessment is an important part of compliance, as well as being integral to protecting your business against breaches. This is because risk assessments reveal vulnerabilities, threats, and risks to protected health information (PHI), thus uncovering deficiencies in your current security practices. [...]

2023-07-27T16:07:20-04:00November 19th, 2021|

Everything You Need to Know About HIPAA Security Risk Assessments

It’s that time of year when you should be preparing for your annual HIPAA security risk assessment. As the year comes to a close, the last thing you want to worry about is meeting the risk assessment deadline. So why delay the inevitable when you can avoid the end of year rush by completing your risk assessment now? Now that you’re ready to get started, learn [...]

2023-07-27T16:27:02-04:00October 13th, 2021|

Why You Should Complete an SRA Now Even If You Qualify for a MIPS Exception

CMS recently announced that under certain circumstances, healthcare providers are exempt from the requirement to complete a security risk analysis (SRA), while remaining eligible to benefit from the MIPS Quality Payment Program. However, healthcare providers must still complete an SRA to satisfy HIPAA requirements. So even if you qualify for the MIPS SRA exemption, you will still need to meet the HIPAA SRA requirement. Why you should complete [...]

2023-07-31T15:07:23-04:00October 19th, 2020|

New OCR Guidance on Completing a Risk Assessment

Recently, to provide HIPAA covered entities and business associates with assistance in completing their risk assessments, the Office for Civil Rights (OCR) released guidance. The OCR guidance lays out a detailed list of IT asset inventory steps that should be taken when completing a risk analysis. More details on the OCR guidance are discussed below. Compliancy Group offers clients a full HIPAA [...]

2023-07-31T16:00:47-04:00August 27th, 2020|

HIPAA and Risk Assessment: Is a HIPAA Risk Assessment Mandatory?

Recently, many organizations have begun to wonder if a risk assessment is mandatory. This in part is due to misinformation on some websites that claim that a HIPAA mandatory risk assessment is not actually mandatory. The question of is a HIPAA risk assessment mandatory is answered below. HIPAA and Risk Assessment: HIPAA Mandatory Risk Assessment Is a HIPAA risk assessment mandatory? The Health Insurance Portability and Accountability Act [...]

2023-08-01T09:29:22-04:00May 1st, 2020|

HIPAA Security Rule: Risk Analysis Review and Updating

The HIPAA Security Rule requires that covered entities (health plans, healthcare clearinghouses, and healthcare providers who electronically transmit any health information in connection with a HIPAA related transaction), and business associates, implement security safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). ePHI is any protected health information that is created, stored, transmitted, or received in any electronic format. Performing [...]

2023-08-07T11:30:37-04:00December 24th, 2019|

Updated HHS SRA Tool Issued

In 2011, the Department of Health and Human Services (HHS), the federal agency for enforcing HIPAA, issued a Security Risk Assessment (SRA) tool through its Office for Civil Rights (OCR). In 2019, after several updates, OCR is offering its newest updated HHS SRA tool, version 3.1. The updated HHS SRA Tool contains several features that the prior tools did not contain. What is the Updated HHS SRA Tool? [...]

2023-08-07T12:05:58-04:00November 18th, 2019|

MACRA MIPS 2019 Security Risk Analysis Requirements

With the MACRA MIPS 2019 deadline approaching, healthcare organizations must be aware of what is required of them to receive their reimbursements. Healthcare organizations seeking MACRA MIPS payment must complete a security risk analysis (SRA) before the December deadline.  How to Satisfy the MACRA MIPS Requirement A security risk analysis must be conducted annually to ensure that protected health information (PHI) is adequately safeguarded, this [...]

2023-08-07T16:08:11-04:00August 6th, 2019|