The HIPAA Simple Risk Assessment guides covered entities and business associates through a series of questions based on the standards and implementation specifications identified in the HIPAA Security Rule and covers basic security practices, security failures, risk management and personnel issues.
HIPAA Simple Risk Assessment Key Elements
- Security Risk Assessment (SRA) Basics (security management process).
- Security Policies, Procedures, & Documentation (defining policies & procedures).
- Security & Your Workforce (defining/managing access to systems and workforce training).
- Security & Your Data (technical security procedures).
- Security & Your Practice (physical security procedures).
- Security & Your Vendors (business associate agreements and vendor access to PHI).
- Contingency Planning (backups and data recovery plans).
- All data is saved locally in a secure format.
- Assessments are performed onsite and usually conclude in 2-3 hours.
The Value of a HIPAA Simple Risk Assessment
- Identify vulnerabilities. Proactively determine where your policies, procedures and documentation are weak.
- Establish likelihood. Determine the probability that a breach or compromising event will occur.
- Establish impact. Determine the effect a breach or compromising event would create.
Your Options
Now that you’ve learned how the HIPAA Simple Risk Assessment benefits you, it is time to make a decision. Here are your options:
- Call Cyber Safety Net today at (844) 580-1200 to schedule yours.
- Avoid calling. Maybe you feel you will never get audited, incur a breach or be accused of negligently handling PHI (protected health information). Nobody will ever give you PHI about a loved one. Why worry?
- Do it yourself. Maybe you feel you can perform your own security risk assessment. Chances are…you’ll let this sit at the bottom of your TODO list and when you get to it, you won’t understand the questions or why you’re doing the assessment in the first place. You give up and do something easier.
All this for $499 for a limited time. The HIPAA Simple Risk Assessment takes you through each section by presenting questions about your organization’s activities. Your answers will show you if you should take corrective action for that specific item or continue with your current security activities. If corrective action is suggested, the Assessment provides guidance on the related HIPAA Rule requirement or security reference and suggestions on how to improve.
Cyber Safety Net – Keeping you safe online. See https://cybersafetynet.net/cyber-security-awareness-training/ to train and strengthen your human firewall. See https://youtu.be/UFpFesrcnvY and https://www.knowbe4.com/security-awareness-training-features/ to learn more.