Header graphic for print
HealtHITech Law HIPAA, HITECH and Beyond

Category Archives: Security

Subscribe to Security RSS Feed

HHS HIPAA Security Risk Assessment Tool Now Available

Posted in Security

Many thanks once again to our colleague, Sylvia Brown, for her assistance in authoring this post. The Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the U.S. Department of Health & Human Services (HHS) Office of Civil Rights (OCR), recently released a security risk asessment tool (SRA Tool) to assist entities… Continue Reading

OIG Report Criticizes HIPAA Oversight

Posted in OCR Audits, Security

The HHS Office of Civil Rights (“OCR”) has failed to comply with the HITECH Act’s mandate to audit HIPAA covered entities and business associates, according to a recent report published by the HHS Office of Inspector General (“OIG”). The OIG said that OCR “had not assessed the risks, established priorities, or implemented controls for its HITECH requirement… Continue Reading

HIPAA Security Risk Analysis: Fact or Fiction?

Posted in Meaningful Use, Security

Leading up to the recent compliance date for the Final HIPAA Rule, much was made about the need for providers to perform a security risk analysis.  Quite a bit of dialogue around the increased security compliance obligations centered on the security risk analysis as a foundational requirement of HIPAA.   Although this is not a new requirement, heightened… Continue Reading