HHS Hopes Security Tool Will Help Providers with HIPAA

The Department of Health and Human Services has announced the availability of a new security risk assessment (SRA) tool to help providers in small to medium sized physician offices conduct risk assessments to aid in complying with HIPAA requirements for securing protected health information.


The Department of Health and Human Services has announced the availability of a new security risk assessment (SRA) tool to help providers in small to medium sized physician offices conduct risk assessments to aid in complying with HIPAA requirements for securing protected health information.

Available for both Windows operating systems and iOS iPads, the SRA tool developed by the Office of the National Coordinator for Health IT and Office for Civil Rights is meant to help practices conduct and document a risk assessment. The assessment is a key requirement of the HIPAA Security Rule and a core requirement for providers seeking payment through the Medicare and Medicaid EHR Incentive Programs. The tool also creates a report that can be provided to auditors.

"By conducting these risk assessments, healthcare providers can uncover potential weaknesses in their security policies, processes and systems," states the HHS announcement. "Risk assessments also help providers address vulnerabilities, potentially preventing health data breaches or other adverse security events. A vigorous risk assessment process supports improved security of patient health data."

The application can be downloaded here and the website also includes a user guide and tutorial video to help providers begin using the SRA tool. ONC is accepting public comments on the tool until June 2.

In related news, a recent benchmark survey assessing progress in protecting health information showed mixed results. While the cost of data breaches has fallen and most surveyed providers are aware of breaches that have occurred with only 10 percent saying they haven’t had one in the past two years, criminal attacks on information systems continue to rise and providers fear that the Affordable Care Act and accountable care organizations increase the risk to protected health information because of more data sharing.

More for you

Loading data for hdm_tax_topic #reducing-cost...