Health Information Compliance Alert

Tool:

Use This Chart To Dispel Security Risk Analysis Myths

HHS OCR gives you a little help on getting your risk analysis down pat.

As the HHS Office for Civil Rights (OCR) ramps up its enforcement of the HIPAA Security Rule, you’d better get your compliance in order — and the feds will specifically scrutinize your security risk analysis. Understanding the facts behind the many risk analysis myths out there is an important compliance step.

Good news: On Nov. 22, 2013, HHS OCR released a handy updated Security Risk Analysis Tipsheet. The document includes an explanation of the HIPAA Security Rule’s risk analysis requirement, a table of risk and safeguard examples, and much more.

Below is the Tipsheet’s table of Security Risk
Analysis Myths and Facts. To access the entire Tipsheet, go to www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Downloads/SecurityRiskAssessment_FactSheet_Updated20131122.pdf.