The Department of Health and Human Services (HHS), through its Office of the National Coordinator for Health Information Technology (ONC), developed an interactive Security Risk Assessment Tool (SRA Tool)
to assist covered entities in performing and documenting Health Insurance Portability and Accountability Act (HIPAA) security risk assessments.
Although HHS designed the SRA Tool for health care providers in small- to medium-sized offices, it is a helpful resource for all covered entities and business associates to review their implementation of the HIPAA Security Rule. HHS updated the SRA Tool in September 2023 to incorporate a variety of new enhancements and bug fixes based on user feedback from prior versions.
Conducting a risk assessment is a crucial first step in an organization’s efforts to comply with the Security Rule. It directs what reasonable steps a covered entity or business associate should take to protect the ePHI it creates, transmits, receives or maintains. Risk assessment is also an
ongoing process. Covered entities and business associates should periodically revisit their risk assessments and make appropriate updates to their ePHI safeguards.
We Make it Easy
Let us take the stress out of managing employee benefits.
Schedule a Call
We’ll ask a few questions, review your current benefits and determine your goals.
Let us Do the Leg Work
Based on your needs and budget, we’ll research all available options and help you select the right plan for your employees and your business.
Bask in the Glory
When you’re confident due diligence has been done, and you’ve selected the right plan it’s time to sit back and relax - or get to everything else on your list.