Do-It-Yourself Toolkit for Security Risk Assessment for MIPS/MACRA and HIPAA/HITECH Compliance
A security risk analysis is a systematic and ongoing process of both identifying and examining potential threats and vulnerabilities to protected health information and implementing changes to make patient health information more secure. Under the HIPAA Privacy and Security Rule, health care organizations are required to perform active risk prevention and safeguarding of patient information to ensure patient privacy.
All covered entities and business associates must comply with the HIPAA/HITECH privacy, security, and breach rules, which specifically focus on protecting the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI). As part of this requirement, EHR 2.0 has developed an easy-to-use HIPAA/HITECH assessment online toolkit for small organizations to evaluate privacy, security, and breach rule requirements. Our toolkit consists of: