HHS Updates Security Risk Assessment Tool

October 17, 2018 Mayuri Kumar

The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis.

Failure to conduct a risk assessment has been a weakness repeatedly identified in HHS breach investigations involving organizations of all sizes, including in the recent $16 million HIPAA settlement with Anthem (see Anthem Mega Breach: Record $16 Million HIPAA Settlement).

David Finn’s comments are featured in this article.

Previous Article
Cyber Incidents in Healthcare: How Much Would You Pay?
Cyber Incidents in Healthcare: How Much Would You Pay?

Next Article
HIPAA lets providers text patients, but is it secure?
HIPAA lets providers text patients, but is it secure?