• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

HIPAA app designed to help practices conduct risk analyses

Article

A new security risk assessment app designed to help small- to medium-sized practices conduct risk assessments of their organizations is now available for download from the U.S. Department of Health and Human Services.

A new security risk assessment (SRA) app designed to help small- to medium-sized practices conduct risk assessments of their organizations is now available for download from the U.S. Department of Health and Human Services (HHS).

The app is designed to help practices conduct and document a risk assessment in a thorough, organized fashion at their own pace by allowing them to assess the information security risks in their organizations under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

The application, available for downloading at the HealthIT website also produces a report that can be provided to auditors.

HIPAA requires physicians to regularly conduct SRAs, which involve comprehensive reviews of the administrative, physical, and technical safeguards they have in place to protect patient information. An SRA allows healthcare providers an opportunity to discover vulnerabilities in their security policies, processes, and systems in order to prevent data breaches. The SRA is also a core requirement for providers seeking meaningful use.

Since September 2009, there have been more than 900 large health breaches impacting more than 30.6 million U.S. residents, according to an analysis of breach data by GovInfoSecurity.

“Protecting patients’ protected health information is important to all health care providers and the new tool we are releasing today will help them assess the security of their organizations,” said Karen DeSalvo, M.D., national coordinator for health information technology, in a news release. “The SRA tool and its additional resources have been designed to help health care providers conduct a risk assessment to support better security for patient health data.”

The app website includes a user guide and tutorial video to help providers begin using the tool.

The tool is available for both Windows operating systems and Apple’s iOS. Download the Windows version at: http://www.healthit.gov/security-risk-assessment. The iOS iPad version is available from the Apple app store (HHS suggests searching “HHS SRA tool” to find the app).

The ONC is seeking user feedback. Public comments on the SRA tool will be accepted at the HealthIT website until June 2, 2014. 

Related Videos
Peter H. Reilly, HUB International
Peter H. Reilly, HUB International: ©HUB International
Peter H. Reilly, HUB International
Georges C. Benjamin, MD
Robert E. Oshel, PhD
Gary Price, MD, MBA
Gary Price, MD, MBA
Kyle Zebley headshot
Kyle Zebley headshot
© 2023 MJH Life Sciences

All rights reserved.