The Security and Privacy Rules both share the common goal of safeguarding Protected Health Information (PHI), the Privacy Rule applies to all media types including paper, oral, and electronic. The Privacy Rule requires organizations to consider the confidentiality, integrity, and availability of PHI. Further, procedures need to be in place to address the use and disclosure of PHI, notice of privacy practices, and minimum necessary approach to using PHI.
The stand-alone HIPAA Security Risk Analysis is a HIPAA requirement for ALL Medical Practices. Additionally, if you are Attesting for Meaningful Use, you are certifying that your practice has “conducted or reviewed a Security Risk Analysis in accordance with the requirements under the HIPAA Security Rule and implemented security updates as necessary and correct identified security deficiencies as part of its risk management process.” To attest you must correct the deficiencies before or during your Meaningful Use reporting period.
NNYOnline can perform an assessment to evaluate an organization’s compliance with the HIPAA Security and Privacy Rule requirements, HITECH Act provisions (i.e. breach notification), as well as, your overall security and data privacy posture.
Call Us to schedule your HIPAA Security Risk Analysis (315) 782-6944