The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology and Office for Civil Rights have updated their tool to help health care providers (especially smaller organizations) identify and assess potential risks to electronic protected health information, as required by the HIPAA Security Rule. The Security Risk Assessment Tool walks users through the security risk assessment process using multiple-choice questions, threat and vulnerability assessments, and asset and vendor management. New features include a remediation report; glossary and tool tips; references to the Health Industry Cybersecurity Practices 2023 Edition; bug fixes and usability enhancements.

Related News Articles

Headline
The Department of Health and Human Services’ Office for Civil Rights Oct. 18 released a resource for health care providers who choose to educate patients about…
Headline
Health care providers must comply with the HIPAA rules with respect to telehealth effective Aug. 9 at 11:59 p.m., when the 90-day enforcement discretion period…
Headline
The AHA July 27 joined AHIP, the American Medical Association, and Blue Cross Blue Shield Association in urging the Centers for Medicare & Medicaid…
Headline
The Department of Health and Human Services’ Office for Civil Rights and Federal Trade Commission yesterday sent a letter to about 130 hospital systems and…
Headline
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect…
Headline
The Department of Health and Human Services’ Office for Civil Rights should finalize its proposed “commonsense” amendments to the HIPAA Privacy Rule to support…