If you lost a laptop or smartphone, got a computer virus, received a patient HIPAA complaint, or had a business associate breach, would you be prepared? Conducting a security risk analysis is a key requirement of the HIPAA Security Rule and a core requirement for physicians participating in the Medicare and Medicaid electronic health record (EHR) incentive programs.
The U.S. Department of Health and Human Services has a free HIPAA compliance tool for small- to medium-sized practices. The Security Risk Analysis (SRA) tool helps those practices conduct and document a risk analysis to determine potential HIPAA security risks and address them. The SRA website has user tutorials and videos to help you get started. The SRA tool also allows practices to print a report to provide to auditors.
If you have questions about HIPAA or SRA requirements, e-mail the TMA HIT Helpline, or call (800) 880-5720.
Find more resources for managing practice risks on the TMA website.
Action, Aug. 1, 2016
Last Updated On
March 13, 2019