HHS updates tool to help providers assess HIPAA security risks

Sep 13, 2023 - 03:53 PM
hhs-health-and-human-services-seal

The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology and Office for Civil Rights have updated their tool to help health care providers (especially smaller organizations) identify and assess potential risks to electronic protected health information, as required by the HIPAA Security Rule. The Security Risk Assessment Tool walks users through the security risk assessment process using multiple-choice questions, threat and vulnerability assessments, and asset and vendor management. New features include a remediation report; glossary and tool tips; references to the Health Industry Cybersecurity Practices 2023 Edition; bug fixes and usability enhancements.

Related News Articles

Headline
OCR releases telehealth privacy and security resources for providers, patients
The Department of Health and Human Services’ Office for Civil Rights Oct. 18 released a resource for health care providers who choose to educate patients about…
Headline
COVID-19 HIPAA transition period for telehealth expires
Health care providers must comply with the HIPAA rules with respect to telehealth effective Aug. 9 at 11:59 p.m., when the 90-day enforcement discretion period…
Headline
CMS urged not to implement proposed prior authorization attachment standard
The AHA July 27 joined AHIP, the American Medical Association, and Blue Cross Blue Shield Association in urging the Centers for Medicare & Medicaid…
Headline
Agencies warn hospitals, others about tracking technology compliance risks
The Department of Health and Human Services’ Office for Civil Rights and Federal Trade Commission yesterday sent a letter to about 130 hospital systems and…
Headline
FTC proposes changes to breach notification requirements for entities not covered by HIPAA 
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect…
Headline
AHA urges OCR to finalize HIPAA privacy proposal, suspend online tracking guidance  
The Department of Health and Human Services’ Office for Civil Rights should finalize its proposed “commonsense” amendments to the HIPAA Privacy Rule to support…