HHS Updates Security Risk Assessment Tool

October 17, 2018 Mayuri Kumar

The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis.

Failure to conduct a risk assessment has been a weakness repeatedly identified in HHS breach investigations involving organizations of all sizes, including in the recent $16 million HIPAA settlement with Anthem (see Anthem Mega Breach: Record $16 Million HIPAA Settlement).

David Finn’s comments are featured in this article.

Previous Article
GUEST BLOG: The Cybersecurity Shortage: Closing the Gap
GUEST BLOG: The Cybersecurity Shortage: Closing the Gap

Next Article
HHS OIG Launches Cybersecurity Web Page
HHS OIG Launches Cybersecurity Web Page