Physical therapists (PTs) and other health professionals looking for help on how to conduct HIPAA security risk assessments have a new free tool to make the process more understandable.
The US Office of the National Coordinator for Health Information Technology (ONC) is now offering a downloadable Security Risk Assessment (SRA) Tool that it says "lets you take a self-directed tour of HIPAA standards and helps you conduct a risk assessment at your own pace." The tool was developed in collaboration with the US Department of Health and Human Services' Office for Civil Rights and the Office for the General Counsel.
Under HIPAA, PTs who are considered covered entities or business associates are required to conduct risk and vulnerability assessments of electronic personal health information (PHI) to evaluate the potential for the confidentiality, integrity, and availability of that information to be compromised.
The tool is designed to lead users through each HIPAA requirement through a series of yes or no questions. In addition to providing space for documentation, the tool offers other features including "context sections" that explain threats and vulnerabilities, examples of safeguards, a glossary, and report charts that display the user's risk levels. The report can also be exported as a Microsoft Excel file or PDF document. The tool is available for both Microsoft and iOS (iPad only).
Recent costly settlements for violations of HIPAA PHI requirements have made headlines, and underscore the importance of understanding the rules and assessing security risks. APTA offers multiple resources on health information technology, HIPAA requirements, and electronic health records.
American Physical Therapy Association | 1111 North Fairfax Street, Alexandria, VA 22314-1488 703/684-APTA (2782) | 800/999-2782 | 703/683-6748 (TDD) | 703/684-7343 (fax)
Contact Us | For Advertisers & Exhibitors | For Media | Follow APTA
All contents © 2014 American Physical Therapy Association. All Rights Reserved.