Security Risk Assessment

VITL offers services that can assist health care providers with keeping electronic patient information safe and meet the Security and risk assessmentrequirements of the HIPAA Security Rule. Services include a comprehensive security risk assessment that is designed to evaluate existing vulnerabilities in data, electronic media and devices, physical plant, policies and procedures, and other sources that affect patient information, confidentiality, and safety. 

The comprehensive security risk assessment also meets the criteria for Meaningful Use Stage 1 and 2, both of which contain core measures that require eligible professionals to protect electronic health information through the use of appropriate technological safeguards. 

VITL offers assistance with security risk assessments. An analysis tool developed by VITL is used to identify and catalog security issues. Our review covers the electronic health records systems and other items such as:

  • Is patient information encrypted on all devices?
  • Are business associate agreements in place with every entity that has access to protected health information (PHI)?
  • Is security training conducted for staff and providers?

A completed analysis is given to the practice which lists the identified vulnerabilities, recommends possible remediation steps, and allows the assessment and rating of risk. Areas requiring a new policy or procedure are also identified. Upon request, VITL can provide policy templates and further guidance with review of identified vulnerabilities and next steps.  

Please contact us for more information.

Tag / Keyword: