we are reaching out to your practice to see if you have done a hipaa risk analysis.
what’s in a hipaa risk analysis?
the department of health and human services (hhs) requires health organizations to conduct a risk analysis as the first step toward implementing safeguards specified in the hipaa security rule, and ultimately achieving hipaa compliance.
but what does a risk analysis entail, and what do you absolutely have to include in your report? the hhs security standards guide outlines mandatory components of a risk analysis that healthcare organizations and healthcare-related organizations that stor
scope of the analysis – any potential risks and vulnerabilities to the privacy, availability and integrity of ephi. this includes all electronic media your organization uses to create, receive, maintain or transmit ephi – portable media, desktops and networks. network security between multiple locations is also important to include in the scope of the analysis, and may include aspects of your hipaa hosting terms with a third-party or business associate.
call us to see if we can help with your hipaa risk analysis…… questions or concerns please contact me at 240-235-6570.