The Security Risk Assessment Tool by the Office of the National Coordinator (ONC) for Health Information Technology is a free tool designed to help practices with one to 10 physicians identify their risks and vulnerabilities with electronic protected health information (ePHI) and then implement appropriate security measures.
HIPAA requires practices to review and document their administrative, physical, and technical safeguards to regularly protect patients’ ePHI.
If you participate in the Medicare Merit-Based Incentive Payment System (MIPS), conducting or updating a risk assessment is a requirement in the Promoting Interoperability category.
Need help working through the tool? TMA’s practice management consultants can provide on-site staff training and compliance walk-throughs. Contact them today to learn more about the HIPAA Gap Analysis and Training.
Last Updated On
July 19, 2023
Originally Published On
September 26, 2019