New Tool Helps With HIPAA Compliance
By Ellen Terry

blue_Cross_619

It’s no fun, but you have to do it: a HIPAA security risk assessment.

Thankfully, an upgraded tool from the U.S. Department of Health and Human Services (HHS) might make it easier.

The Security Risk Assessment Tool 3.0 is designed to help practices with one to 10 physicians identify their risks and vulnerabilities with electronic protected health information (ePHI) and then implement appropriate security measures. 

In updating the tool, HHS incorporated feedback from practice managers and tested user experience. Enhancements include a progress tracker, detailed reports, a more logical workflow, and a business associate and equipment tracker, the HHS Office for Civil Rights says.

HIPAA requires practices to review and document their administrative, physical, and technical safeguards to regularly protect patients’ ePHI.

Also, if you participate in the Medicare Merit-Based Incentive Payment System (MIPS), conducting or updating a risk assessment is a core requirement in the Promoting Interoperability category. 

For more about HIPAA security safeguards and requirements, visit the TMA website’s electronic health record and HIPAA pages

Also, TMA’s practice management consultants can provide on-site staff training and compliance walk-throughs. Plus, TMA offers two on-point continuing medical education courses: HIPAA Security: Compliance and Case Studies and Complying With HIPAA Security. Those courses are free to TMA members, compliments of TMA Insurance Trust


Last Updated On

October 30, 2018

Ellen Terry

Project Manager, Client Services

(512) 370-1391

Ellen Terry has been writing, editing, and managing communication projects at TMA since 2000. She hails from Victoria, Texas; has a journalism degree from Texas State University; and loves to read great fiction. Ellen and her husband have two grown sons and a couple of cats.

More stories by Ellen Terry