Completing Your Annual HIPAA Risk Assessment Before the Deadline

You must complete a HIPAA risk assessment each year, and now is the time to do so. Conducting an annual HIPAA risk assessment is an important part of compliance, as well being integral to protecting your business against breaches. This is because risk assessments reveal vulnerabilities, threats, and risks to protected health information (PHI) thus uncovering deficiencies in your current security practices. [...]

2022-05-06T17:03:50-04:00November 19th, 2021|

HIPAA Security Rule: Risk Analysis Review and Updating

The HIPAA Security Rule requires that covered entities (health plans, healthcare clearinghouses, and healthcare providers who electronically transmit any health information in connection with a HIPAA related transaction), and business associates, implement security safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). ePHI is any protected health information that is created, stored, transmitted, or received in any electronic format. Performing [...]

2022-05-06T13:36:53-04:00December 24th, 2019|

Updated HHS SRA Tool Issued

In 2011, the Department of Health and Human Services (HHS), the federal agency for enforcing HIPAA, issued a Security Risk Assessment (SRA) tool through its Office for Civil Rights (OCR). In 2019, after several updates, OCR is offering its newest updated HHS SRA tool, version 3.1. The updated HHS SRA Tool contains several features that the prior tools did not contain. What is the Updated HHS SRA Tool? [...]

2022-05-06T13:36:54-04:00November 18th, 2019|

Six Risk Assessments Fail to Prevent $2.7 Million HIPAA Settlement

Oregon Health and Science University (OHSU) reached a settlement with OCR earlier in July for $2.7 million. The organization had executed six risk analysis over the course of 10 years, but the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) found that those risk assessments did not constitute a sufficient HIPAA compliance plan. This case should be a clear sign to healthcare professionals that merely [...]

2019-10-31T09:39:45-04:00July 21st, 2016|