Health Information Compliance Alert
Use This Chart To Dispel Security Risk Analysis Myths
PDF
HHS OCR gives you a little help on getting your risk analysis down pat.
As the HHS Office for Civil Rights (OCR) ramps up its enforcement of the HIPAA Security Rule, you’d better get your compliance in order — and the feds will specifically scrutinize your security risk analysis. Understanding the facts behind the many risk analysis myths out there is an important compliance step.
Good news: On Nov. 22, 2013, HHS OCR released a handy updated Security Risk Analysis Tipsheet. The document includes an explanation of the HIPAA Security Rule’s risk analysis requirement, a table of risk and safeguard examples, and much more.
Below is the Tipsheet’s table of Security Risk
Analysis Myths and Facts. To access the entire Tipsheet, go to www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Downloads/SecurityRiskAssessment_FactSheet_Updated20131122.pdf. 
Health Information Compliance Alert
- HIPAA Compliance:
Heed Expert Tips To Craft Effective HIPAA Policies & Procedures
Make sure you cover these 7 big changes under the new rules. If you’re like [...] - Know 4 Principles Your Policies Must Never Be Without
Do your policies set forth clear responsibilities and accountability? What makes a “good” policy? According [...] - Reader Question:
Taking Secrets To The Grave: When You Can Share Decedents' PHI
Question: Our practice treated a patient who passed away two years ago, and now we [...] - Reader Question:
Are BAAs Always Necessary?
Question: With the HIPAA Omnibus Final Rule now in effect, it seems as though we [...] - Reader Question:
Can You Send Medical Records Via Email (Securely)?
Question: One of our patients has requested a copy of his medical records, and he [...] - Tool:
Use This Chart To Dispel Security Risk Analysis Myths
HHS OCR gives you a little help on getting your risk analysis down pat. As [...] - Enforcement News:
Brace Yourself For Increased HIPAA Audits
Plus: OCR now handing out fines for not having breach policies. The HHS Office of [...]