November 5, 2013

Hi Jennifer -

Our hardware vendor continues to recommend that we have a HIPAA Security Risk Analysis done.  Is this something that you recommend?  I would very much appreciate your thoughts on the subject.



This is definitely a rhetorical question I wish more practices were asking.  The answer is, of course its a good idea!  Does a HIPAA Security Risk Analysis have to be blown out of proportion or life-altering?  No.  A HIPAA security risk analysis could be as simple as having your compliance officer (who may be you) put together a simple check list, including, but not limited to the following:

A HIPAA Risk Analysis may certainly be more comprehensive than the above framework and will likely involve more than one member of your support team to assist (i.e., your lawyer, EHR company, etc).   

For a review of your policies and procedures or to discuss potential HIPAA exposure, contact Jennifer.  Looking for a policy update, concerned your policies are not up to snuff, or having trouble getting patients to sign your policies? CLICK HERE.