OCR Risk Assessment Tool Makes It Easier To Comply With Key Component Of HIPAA

TC
Thompson Coburn LLP

Contributor

For almost 90 years, Thompson Coburn LLP has provided the quality legal services and counsel our clients demand to achieve their most critical business goals. With more than 380 lawyers and 40 practice areas, we serve clients throughout the United States and beyond.
When was the last time your entity performed a risk assessment under HIPAA?
United States Food, Drugs, Healthcare, Life Sciences

When was the last time your entity performed a risk assessment under HIPAA? If it's been over a year, it may be time to do another one. Performing a risk assessment is a vital component of HIPAA compliance for covered entities and business associates, yet many fail to perform one at all, or do them so infrequently as to make them of little value.

Despite the importance and necessity of performing risk assessments, it's not always an easy task and could require significant time, resources and money, depending on the size of the covered entity or business associate and the amount of PHI it maintains.The Office for Civil Rights (OCR) has recognized this, and so for many years, in collaboration with the Office of the National Coordinator for Health Information Technology, it has made available a downloadable Security Risk Assessment Tool to assist small- and medium-size providers in meeting their obligations to conduct a security risk assessment.

OCR released an update to the Security Risk Assessment Tool last month. If you are a small- to medium-size provider and do not have a recent risk assessment, consider taking it for a spin.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More