“We can evade reality but we cannot evade the consequences of evading reality.” –Ayn Rand

Technology is the “racecar” for communication these days.  All health care settings are becoming more and more dependent on technology when conducting everyday business.  Recently, U.S. Department of Health & Human Services released a security assessment tool to assist with HIPAA compliance through the use of performing and documenting risk assessments that are organized and thorough.

As stated in the HHS news release on March 28, 2014, “HIPAA requires organizations that handle protected health information to regularly review the administrative, physical and technical safeguards they have in place to protect the security of the information.”

Conducting risk assessments is not only a key requirement of the HIPAA Security Rule, but also is a main requirement for providers pursuing payment through the Medicare and Medicaid HER Incentive Program (Meaningful Use Program).

“It will take too much time to do risk assessments,” you might say. However, in the long run you will be in the top leader group approaching the finish line in securing patient information. Risk assessments are crucial in helping health care providers reveal weak areas in their security policies and systems.  Conducting robust risk assessments will improve security of patient health information and decreases risk/prevent health information breaches.

For more information on the HHS risk assessment tool, click here.