HHS Updates Security Risk Assessment Tool

Failure to conduct a risk assessment has been a weakness repeatedly identified in HHS breach investigations involving organizations of all sizes, including in the recent $16 million HIPAA settlement with Anthem (see Anthem Mega Breach: Record $16 Million HIPAA Settlement).The enhanced SRA tool - a collaborative offering by HHS' Office of the National Coordinator for Health IT and the Office for Civil Rights - is designed to help covered entities with 10 or fewer healthcare providers - as well as...