The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology and Office for Civil Rights have updated their tool to help health care providers (especially smaller organizations) identify and assess potential risks to electronic protected health information, as required by the HIPAA Security Rule. The Security Risk Assessment Tool walks users through the security risk assessment process using multiple-choice questions, threat and vulnerability assessments, and asset and vendor management. New features include a remediation report; glossary and tool tips; references to the Health Industry Cybersecurity Practices 2023 Edition; bug fixes and usability enhancements.

Related News Articles

Headline
Senate Health, Education, Labor & Pensions Committee Ranking Member Bill Cassidy, R-La., Feb. 21 released a report proposing ways to modernize the existing…
Headline
The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage…
Headline
The Department of Health and Human Services’ Office for Civil Rights Oct. 18 released a resource for health care providers who choose to educate patients about…
Headline
Health care providers must comply with the HIPAA rules with respect to telehealth effective Aug. 9 at 11:59 p.m., when the 90-day enforcement discretion period…
Headline
The AHA July 27 joined AHIP, the American Medical Association, and Blue Cross Blue Shield Association in urging the Centers for Medicare & Medicaid…
Headline
The Department of Health and Human Services’ Office for Civil Rights and Federal Trade Commission yesterday sent a letter to about 130 hospital systems and…