Revenue Cycle Management
COVID-19
Reimbursement
Diabetes Awareness Month
Risk Management
Patient Retention
Staffing
Medical Economics® 100th Anniversary
Coding and documentation
Business of Endocrinology
Telehealth
Physicians Financial News
Cybersecurity
Cardiovascular Clinical Consult
Locum Tenens, brought to you by LocumLife®
Weight Management
Business of Women's Health
Practice Efficiency
Finance and Wealth
EHRs
Remote Patient Monitoring
Sponsored Webinars
Medical Technology
Billing and collections
Acute Pain Management
Exclusive Content
Value-based Care
Business of Pediatrics
Concierge Medicine 2.0 by Castle Connolly Private Health Partners
Practice Growth
Concierge Medicine
Business of Cardiology
Implementing the Topcon Ocular Telehealth Platform
Malpractice
Influenza
Sexual Health
Chronic Conditions
Technology
Legal and Policy
Money
Opinion
Vaccines
Practice Management
Patient Relations
Careers

HIPAA app designed to help practices conduct risk analyses

April 2, 2014

Article

A new security risk assessment app designed to help small- to medium-sized practices conduct risk assessments of their organizations is now available for download from the U.S. Department of Health and Human Services.

A new security risk assessment (SRA) app designed to help small- to medium-sized practices conduct risk assessments of their organizations is now available for download from the U.S. Department of Health and Human Services (HHS).

The app is designed to help practices conduct and document a risk assessment in a thorough, organized fashion at their own pace by allowing them to assess the information security risks in their organizations under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

The application, available for downloading at the HealthIT website also produces a report that can be provided to auditors.

HIPAA requires physicians to regularly conduct SRAs, which involve comprehensive reviews of the administrative, physical, and technical safeguards they have in place to protect patient information. An SRA allows healthcare providers an opportunity to discover vulnerabilities in their security policies, processes, and systems in order to prevent data breaches. The SRA is also a core requirement for providers seeking meaningful use.

Since September 2009, there have been more than 900 large health breaches impacting more than 30.6 million U.S. residents, according to an analysis of breach data by GovInfoSecurity.

“Protecting patients’ protected health information is important to all health care providers and the new tool we are releasing today will help them assess the security of their organizations,” said Karen DeSalvo, M.D., national coordinator for health information technology, in a news release. “The SRA tool and its additional resources have been designed to help health care providers conduct a risk assessment to support better security for patient health data.”

The app website includes a user guide and tutorial video to help providers begin using the tool.

The tool is available for both Windows operating systems and Apple’s iOS. Download the Windows version at: http://www.healthit.gov/security-risk-assessment. The iOS iPad version is available from the Apple app store (HHS suggests searching “HHS SRA tool” to find the app).

The ONC is seeking user feedback. Public comments on the SRA tool will be accepted at the HealthIT website until June 2, 2014.