HHS Updates Security Risk Assessment Tool

October 17, 2018 Mayuri Kumar

The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis.

Failure to conduct a risk assessment has been a weakness repeatedly identified in HHS breach investigations involving organizations of all sizes, including in the recent $16 million HIPAA settlement with Anthem (see Anthem Mega Breach: Record $16 Million HIPAA Settlement).

David Finn’s comments are featured in this article.

Previous Article
Can't afford a security chief? Here are the alternatives
Can't afford a security chief? Here are the alternatives

Next Article
Ethical hacking: What to look for in a pen tester
Ethical hacking: What to look for in a pen tester