HHS Updates Security Risk Assessment Tool

October 17, 2018 Mayuri Kumar

The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis.

Failure to conduct a risk assessment has been a weakness repeatedly identified in HHS breach investigations involving organizations of all sizes, including in the recent $16 million HIPAA settlement with Anthem (see Anthem Mega Breach: Record $16 Million HIPAA Settlement).

David Finn’s comments are featured in this article.

Previous Article
How to build an effective cybersecurity strategy on a tight budget
How to build an effective cybersecurity strategy on a tight budget

Next Article
HHS OIG Launches Cybersecurity Web Page
HHS OIG Launches Cybersecurity Web Page