Did you know?
What The Heck Does That Mean?
That’s right folks – your size doesn’t matter when it comes to HIPAA compliance …
YOU are still required to perform a complete and thorough HIPAA Risk Analysis.
Why Does It Matter?
Your HIPAA Risk Analysis helps you measure the impact of threats and vulnerabilities that pose a risk to the PHI in your organization.
While there is no single method or “best practice” that guarantees compliance; however, most HIPAA Risk Analysis and risk management processes have these steps in common.
Your HIPAA Risk Analysis should include, but is not be limited to, the following activities:
- Evaluate the likelihood and impact of potential risks to your ePHI.
- Implement appropriate security measures to address the risks identified in your HIPAA Risk Analysis.
- Implement appropriate security measures to address the risks you identified in your HIPAA Risk Analysis.
- Document the chosen security measures and, where required, the rationale for adopting those measures.
- Maintain continuous, reasonable, and appropriate security protections.
- The results of your HIPAA Risk Analysis will be used to determine reasonable and appropriate security measures for your organization.
Remember: ANY change made to the hardware, software and/or medical devices used to create, receive, maintain, or transmit, an organization’s PHI requires an update to the HIPAA Risk Analysis.
Does this sound like you?
When it comes to the HIPAA Security Rule does this sound like you:
- » New to healthcare and HIPAA
- » Feeling overwhelmed (by all the information you need to learn and do)
- » Unsure of how or where to start
…and now you need to perform a complete and thorough HIPAA Security Risk Analysis??
Want to know more?
Join me for our free monthly HIPAA compliance webinar on Wednesday, March 28, 2019 @ 1p E/10a P
Don’t forget to register – Hope To See You There!!