5

Finally! FREE HIPAA Tool Makes HIPAA Risk-Assessment Easy-Peasy

HIPAA Risk-Assessment

Conducting Health Insurance Portability and Accountability Act (HIPAA) security risk assessments has been required for years, but many small or independent practitioners haven’t bothered because of the burden. The proliferation of practitioners using one or more devices with clinical populations has required an expedited process to relieve complications and burdens related to HIPAA compliance.

Healthcare IT News reported that HHS’s Office for Civil Rights and the Office of the National Coordinator for Health IT have released a “security risk assessment tool” for small and mid-sized entities.  Officials explained, “The tool is designed to help practices conduct and document a risk assessment in a thorough, organized fashion at their own pace by allowing them to assess the information security risks in their organizations under the … HIPAA Security Rule.”  The tool is available as a downloadable mobile app. It also can create a report to be shown to auditors.

With HIPAA, all “covered entities” must “regularly review the administrative, physical and technical safeguards they have in place to protect the security of [protected health] information.”  As HHS staff noted in their recent news release, “By conducting these risk assessments, health care providers can uncover potential weaknesses in their security policies, processes and systems.”  According to National Coordinator for Health Information Technology Karen DeSalvo, the new tool  will  meet providers’ needs and goals: “Protecting patients’ protected health information is important to all health care providers and the new tool we are releasing today will help them assess the security of their organizations.”

HHS officials noted that “risk analysis tops the list for where health care entities often make their biggest HIPAA misstep.” As Health care data breaches have involved “more than 30 million people [having] their protected health information compromised”  and “Organizations have been required to pay $18.6 million in settlement fines. State fines are not included in that estimate. As we have reported here at the TeleMental Health Institute,  the most frequently reported target for HIPAA enforcement is private practices. This new tool will simply and expedite the regular risk assessment task of the private or small group practitioner.

HHS and ONC are asking for comments from users.

Rate this post!

(5 raters, 25 scores, average: 5.00 out of 5)

5 comments on “Finally! FREE HIPAA Tool Makes HIPAA Risk-Assessment Easy-Peasy

  1. No mention in the article as to what the app is (called) and where it can be acquired. Can you supply this info?

    • All reports that we have received are quite positive. The tool helps us be compliant with HIPAA laws, as defined by this same group. Therefore, anything that will help us adhere to their standards would make the make the tool quite effective.

Leave a Reply

Name and email are required. Your email address will not be published.