HHS updates tool to help providers assess HIPAA security risks

Sep 13, 2023 - 03:53 PM
Department of Health and Human Services (HHS) Seal

The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology and Office for Civil Rights have updated their tool to help health care providers (especially smaller organizations) identify and assess potential risks to electronic protected health information, as required by the HIPAA Security Rule. The Security Risk Assessment Tool walks users through the security risk assessment process using multiple-choice questions, threat and vulnerability assessments, and asset and vendor management. New features include a remediation report; glossary and tool tips; references to the Health Industry Cybersecurity Practices 2023 Edition; bug fixes and usability enhancements.

Related News Articles

Headline
HHS will not appeal AHA court victory in online tracking case
The U.S. Department of Health and Human Services will not appeal its loss in American Hospital Association v. Becerra. The AHA, joined by the Texas Hospital…
News
Judge rules in favor of AHA vacating HHS online tracking ‘bulletin’ as unlawful and beyond agency authority
A United States District Court Judge in Texas today ruled in favor of the AHA, Texas Hospital Association, and hospital plaintiffs, agreeing that Department of…
Headline
OCR finalizes rule prohibiting certain reproductive health care disclosures
The Department of Health & Human Services’ Office for Civil Rights April 22 released a final rule prohibiting entities regulated by the HIPAA Privacy Rule…
Headline
Cassidy proposes ways to strengthen health data privacy
Senate Health, Education, Labor & Pensions Committee Ranking Member Bill Cassidy, R-La., Feb. 21 released a report proposing ways to modernize the existing…
Headline
NIST updates HIPAA cybersecurity resource guide 
The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage…
Headline
OCR releases telehealth privacy and security resources for providers, patients
The Department of Health and Human Services’ Office for Civil Rights Oct. 18 released a resource for health care providers who choose to educate patients about…