HHS says providers should use tool for risk assessment

Share this article:
Karen DeSalvo
Karen DeSalvo

The HHS Office of National Coordinator for Health Information Technology and Office for Civil Rights are making a new security risk assessment tool available to help small- to mid-sized providers conduct their own risk assessments. 

The ONC application, available for downloading at www.HealthIT.gov/security-risk-assessment also produces a report that can be provided to auditors. The tool is available for both Windows operating systems and iOS iPads.

 “Protecting patients' protected health information is important to all healthcare providers and the new tool we are releasing will help them assess the security of their organizations,” said Karen DeSalvo, M.D., national coordinator for health information technology. “The SRA tool and its additional resources have been designed to help healthcare providers conduct a risk assessment to support better security for patient health data.”

Conducting a security risk assessment is a key HIPAA mandate and a core requirement for providers seeking payment through the Medicare and Medicaid Electronic Health Records Incentive Program, commonly known as Meaningful Use. Failure to conduct risk assessments on time has been the top problem identified in Meaningful Use attestation audits.

Besides ensuring compliance with HIPAA administrative, physical and technical safeguards, risk assessments also help providers address an organization's vulnerabilities, potentially preventing health data breaches or other adverse security events. 

Many long-term care facilities might not technically be considered a small- to mid-sized provider, but they still could benefit from the new tool, ONC spokesman Peter Ashkenaz told McKnight's. They can use it to get a “sense of what risk assessment may entail,” he said. 

He also recommended that long-term care providers explore the security tool at scap.nist.gov


Share this article:

More in News

RACs collected nearly $2 million from skilled nursing facilities last year, report ...

Recovery Audit Contractors recovered $1.8 million in Medicare overpayments made to skilled nursing facilities in fiscal year 2013, according to a Congressional report released Monday.

OK nursing home worker threatened to behead colleague in a terrorist act, ...

Police in Oklahoma City have arrested a nursing home worker who allegedly threatened to behead another staff member out of solidarity with the Islamic State in Iraq and Syria, according to news sources.

Jewish Home Lifecare named Innovator of the Year

Jewish Home Lifecare named Innovator of the Year

Jewish Home Lifecare won the top award in the Innovator of the Year category in the third annual McKnight's Excellence in Technology Awards competition.