Lobbying Affiliate: MML&K Government Solutions
{ Banner Image }

Healthcare Law Blog

Comprehensive Healthcare law services.
It's kind of our bag.

Contact Us

* Indicates a required field.

Categories

McBrayer Blogs

Related Blogs

A New HIPAA Security Risk Assessment Tool For Your Compliance Arsenal

On Friday, the U.S. Department of Health and Human Services (HHS) announced a new security risk assessment (“SRA”) tool for small and medium size healthcare providers. The downloadable tool (available for free here) is a self-contained, independent application that is available for Windows and iOS platforms. The SRA works by asking a series of in-depth questions about the provider’s activities and facilities. The “yes” or “no” answer format for each question reveals whether corrective action is needed in a particular area. Additional resources in the SRA help providers understand the risks associated with the use, disclosure and storage of protected health information. The SRA offers providers the opportunity to generate, update and document assessment materials and corrective action plans through the SRA; documentation is especially important for audit purposes.

HIPAA risk assessments are mandatory for covered entities and business associates, and should be imposed on the subcontractors of business associates that use or disclose protected health information. The new SRA tool can provide helpful guidance for providers to identify risk areas. If you have questions or concerns about mitigating a compliance risk identified through a HIPAA risk assessment, contact a McBrayer health care attorney. We are available to answer questions and help you find solutions to ensure compliance with health care privacy requirements.

This article is intended as a summary of federal or state law and does not constitute legal advice.

Ashland, KYLexington, KYLouisville, KYFrankfort, KY: MML&KFrankfort, KY LawGreenup, KYWashington, D.C.