Article

It's that time of year...to do Security Risk Assessment

Provided by:  Jennifer Kirschenbaum, Esq.
November 10, 2020
 
 
 
(Click here for an oldie, but goodie, Webinar on Security Risk Assessment)

If there were a year we deserved a pass, it would be 2020, right?  No such luck as related to HIPAA.  The Office for Civil Rights is kicking reviews into high gear, which means over the next few weeks its time for me to remind you of the obligations coming towards the end of the year related to voluntary disclosures, and also to remind you of the regular obligation (at least annually) to conduct a Security Risk Assessment, which you can do for free, here - 
https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool

As a refresher, the Security Risk Assessment Tool is made available by HealthIT.gov and serves as an interactive questionnaire you can use to evaluate your practice's level of HIPAA compliance.  The Security Risk Assessment Tool also provides suggested remedies for areas of potential exposure.  Assessments by OCR and remediation plans have very consistent patterns.  Those who are vigilant and make an effort to comply are less likely to have exposure should a disclosure/breach happen on their watch (which is always a risk).  Those who flagrantly disregard and take no effort to comply will be an open target if ever reviewed, and risk much higher penalties for non compliance. 

What's involved with the Security Risk Assessment Tool and process?  Time.  Not too much, but some.  Taking the survey and seeing where you have areas of exposure.  Those areas of exposure may require your IT team to get involved to build technical safeguards (like, encryption), or your administrators to build physical safeguards (like, passwords), or your legal team to build administrative safeguards (like, policies and/or procedures or assistance with Business Associate Agreements).  


(Click here for an oldie, but goodie Webinar on Security Risk Assessment)

 


Looking for the KK Healthcare Exchange?  Click Here. 

MISSED OUR RECENT WEBINARS?  CLICK HERE ANYTIME!
Looking for HIPAA and compliance forms?  
Click here to visit our website.
Have a question or comment for Jennifer?
Contact Jennifer at Jennifer@Kirschenbaumesq.com or  at (516) 747-6700 x. 302.
Interested in having Jennifer speak at an event or
at a residency/fellowship program?
Contact Jennifer directly at (516) 747-6700 x. 302 or at Jennifer@Kirschenbaumesq.com
Click here to learn about
K&K's Prepaid Legal Audit/Investigation Defense Now!
It's that time of year...to do Security Risk Assessment-November 10, 2020-Jennifer Kirschenbaum

Article

It's that time of year...to do Security Risk Assessment

Provided by:  Jennifer Kirschenbaum, Esq.
November 10, 2020
 
 
 
(Click here for an oldie, but goodie, Webinar on Security Risk Assessment)

If there were a year we deserved a pass, it would be 2020, right?  No such luck as related to HIPAA.  The Office for Civil Rights is kicking reviews into high gear, which means over the next few weeks its time for me to remind you of the obligations coming towards the end of the year related to voluntary disclosures, and also to remind you of the regular obligation (at least annually) to conduct a Security Risk Assessment, which you can do for free, here - 
https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool

As a refresher, the Security Risk Assessment Tool is made available by HealthIT.gov and serves as an interactive questionnaire you can use to evaluate your practice's level of HIPAA compliance.  The Security Risk Assessment Tool also provides suggested remedies for areas of potential exposure.  Assessments by OCR and remediation plans have very consistent patterns.  Those who are vigilant and make an effort to comply are less likely to have exposure should a disclosure/breach happen on their watch (which is always a risk).  Those who flagrantly disregard and take no effort to comply will be an open target if ever reviewed, and risk much higher penalties for non compliance. 

What's involved with the Security Risk Assessment Tool and process?  Time.  Not too much, but some.  Taking the survey and seeing where you have areas of exposure.  Those areas of exposure may require your IT team to get involved to build technical safeguards (like, encryption), or your administrators to build physical safeguards (like, passwords), or your legal team to build administrative safeguards (like, policies and/or procedures or assistance with Business Associate Agreements).  


(Click here for an oldie, but goodie Webinar on Security Risk Assessment)

 


Looking for the KK Healthcare Exchange?  Click Here. 

MISSED OUR RECENT WEBINARS?  CLICK HERE ANYTIME!
Looking for HIPAA and compliance forms?  
Click here to visit our website.
Have a question or comment for Jennifer?
Contact Jennifer at Jennifer@Kirschenbaumesq.com or  at (516) 747-6700 x. 302.
Interested in having Jennifer speak at an event or
at a residency/fellowship program?
Contact Jennifer directly at (516) 747-6700 x. 302 or at Jennifer@Kirschenbaumesq.com
Click here to learn about
K&K's Prepaid Legal Audit/Investigation Defense Now!