What is a Risk Assessment and why do I need one every year?

Login

Existing users log in here

Sign up

New users start here

HIPAA - click the questions for more info

• What is HIPAA?
HIPAA, The Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandates that covered entities must not use or disclose electronic Protected Health Information (e-PHI) without proper authorization.
• What is Protected Health Information?
Protected Health Information is all Personally Identifiable Information that is held or transmitted by a covered entity or a business associate. This includes:
• Written information
• Information stored in computer systems
• Information transmitted orally
• What is a covered entity?
Covered Entities include:
• Health Plans
• Health Providers
• Health Claims Clearing Houses
If you are a medical provider (ie: physician), YOU are a covered entity.
• What do I as a Covered Entity need to do?

You must do a security evaluation of your office and your electronics. This must be specific to your practice and must be documented. You and your staff must have annual HIPAA training. You must create and maintain a culture of compliance within your practice.

That is where we can help you. By answering the questions presented to you, we will create a HIPAA manual which is customized to your practice. Also, as our client, you and your staff are eligible to receive their training for no additional cost with our Webinar series.

• Where can I get additional information and news about HIPAA?
We work together with CME Online to help keep providers and other informed with the latest and most important information about HIPAA and related subjects.
• Are there instructions to help me with the questions here?
Yes, you may reference our online manual to help you.
• Do I need to have the manual in my possession by a certain date to meet a deadline?
The effective date of the manual is the date that you complete your security evaluation, as that is what you are documenting here.
• For how long is the manual valid?
The HIPAA regulations mandate that you review your Risk Analysis every time there is a significant change to your office, the threat environment and on a regular basis. We recommend that you update your manual at least annually.

Information on Vulnerability testing

Learn more about Vulnerability Testing and why you might need it.