Finally! FREE HIPAA Tool Makes HIPAA Risk-Assessment Easy-Peasy

Apr 6, 2014 | 6 comments

HIPAA Risk-AssessmentConducting Health Insurance Portability and Accountability Act HIPAA risk assessments has been required for years, but many small or independent practitioners haven’t bothered because of the burden. The proliferation of practitioners using one or more devices with clinical populations has required an expedited process to relieve complications and burdens related to HIPAA compliance.
Healthcare IT News reported that HHS’s Office for Civil Rights and the Office of the National Coordinator for Health IT have released a “security risk assessment tool” for small and mid-sized entities.  Officials explained, “The tool is designed to help practices conduct and document a HIPAA risk assessment in a thorough, organized fashion at their own pace by allowing them to assess the information security risks in their organizations under the … HIPAA Security Rule.”  The tool is available as a downloadable mobile app. It also can create a report to be shown to auditors.
With HIPAA, all “covered entities” must “regularly review the administrative, physical and technical safeguards they have in place to protect the security of

Member Login

information.”  As HHS staff noted in their recent news release, “By conducting these HIPAA risk assessments, health care providers can uncover potential weaknesses in their security policies, processes and systems.”  According to National Coordinator for Health Information Technology Karen DeSalvo, the new tool  will  meet providers’ needs and goals: “Protecting patients’ protected health information is important to all health care providers and the new tool we are releasing today will help them assess the security of their organizations.”
HHS officials noted that “risk analysis tops the list for where health care entities often make their biggest HIPAA misstep.” As Health care data breaches have involved “more than 30 million people [having] their protected health information compromised”  and “Organizations have been required to pay $18.6 million in settlement fines. State fines are not included in that estimate. As we have reported here at the Telebehavioral Health Institute,  the most frequently reported target for HIPAA enforcement is private practices. This new tool will simply and expedite the regular risk assessment task of the private or small group practitioner.
HHS and ONC are asking for comments from users.

6 Comments

  1. Diane Hediger
    Diane Hediger on April 7, 2014 at 9:12 am

    What is the app called?

  2. Grace Valenti
    Grace Valenti on April 24, 2014 at 10:37 am

    No mention in the article as to what the app is (called) and where it can be acquired. Can you supply this info?

  5. Marlene Maheu, Ph. D.
    Marlene Maheu, Ph. D. on October 25, 2014 at 7:15 am

    All reports that we have received are quite positive. The tool helps us be compliant with HIPAA laws, as defined by this same group. Therefore, anything that will help us adhere to their standards would make the make the tool quite effective.

  6. Ryan Stephens
    Ryan Stephens on August 3, 2020 at 6:24 am

    Third party vendors offer more than just risk assessment tools. Modern software now allow providers to streamline their entire compliance processes.

Submit a Comment

Your email address will not be published. Required fields are marked *