Client Login

HIPAA Risk Analysis

Sunday, February 12, 2017 | BY: Giaspace

HIPAA is a risk-based security framework and the production of a Risk Analysis is one of primary requirements of the HIPAA Security Rule’s Administrative Safeguards. In fact, a Risk Analysis is the foundation for the entire security program. It identifies the locations of electronic Protected Health Information (ePHI,) vulnerabilities to the security of the data, threats that might act on the vulnerabilities, and estimates both the likelihood and the impact of a threat acting on a vulnerability. The Risk Analysis helps HIPAA Covered Entities and Business Associates identify the locations of their protected data, how the data moves within, and in and out of, the organization. It identifies what protections are in place and where there is a need for more. The Risk Analysis results in a list of items that must be remediated to ensure the security and confidentiality of ePHI. The value of a Risk Analysis cannot be overstated. Every major data breach enforcement of HIPAA, some with penalties over $1 million, have cited the absence of, or an ineffective, Risk Analysis as the underlying cause of the data breach. The Risk Analysis must be run or updated at least annually, more often if anything significant changes that could affect ePHI.

Recent Posts

Comcast Internet Outage Nationwide

As a private cloud provider, we need to make sure we limit downtime for our clients.  Today we received a…

Monday, November 6, 2017

KRACK WPA EXPLOIT

Mathy Vanhoef discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range…

Wednesday, October 18, 2017

There is Always Someone Cheaper

It’s true: There is always someone who will do it cheaper. The image above is one that had resonated with…

Wednesday, October 18, 2017

How to Prevent Ransomware And Discourage Data Kidnappers

If the thought of malware is scary, then the idea of ransomware is downright terrifying. A Trojan might steal sensitive…

Tuesday, October 10, 2017

Tech Tools

Test an HTTPS Secured Web Server This free SSL / TLS web server testing tool conducts a thorough analysis of…

Monday, September 4, 2017

Cyber Security Presentation 2017

Monday, September 4, 2017

Ransomware Checklist

Credit goes to KnowBe4

Wednesday, February 22, 2017

HIPAA Supporting Worksheets

A set of individual documents are provided to show detailed information and the raw data the backs up the Evidence…

Thursday, February 16, 2017

Network Share Identification Worksheet

The Network Share Identification Worksheet takes the list of network shares gathered by the Data Collector and lets you identify…

Sunday, February 12, 2017

Computer Identification Worksheet

The Computer Identification Worksheet takes the list of computers gathered by the Data Collector and lets you identify those that…

Sunday, February 12, 2017

Trusted By

Free Consultation 866-442-7723

Partners & Certifications