News & Insights

Updated HIPAA Security Risk Assessment tool available

Washington Connection

Federal Compliance

Nov. 6, 2019: The Office of the National Coordinator for Health information Technology and the Office for Civil Rights released an updated version of their Security Risk Assessment (SRA) tool. The tool is designed to assist small to medium-sized physician practices conduct an internal SRA as required by CMS, HIPAA, and Promoting Interoperability programs. Conducting an SRA is a critical step in identifying and assessing risks to patient information, determining if your practice has appropriate safeguards in place, and revealing any areas where data may be at risk from such events as natural disasters, theft, or cyber-attacks. Practice leaders are also encouraged to review MGMA member-benefit HIPAA Privacy and Security tools and resources.