This online tool from the U.S. Department of Health and Human Services is designed to help small and medium-sized health care provider organizations conduct information security risk assessments required under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. Risk assessment helps an organization ensure it is complying with HIPAA’S administrative, physical, and technical safeguards. Assessment also helps reveal areas where an organization’s protected health information could be at risk.
A PDF version of the risk assessment tool is available for download. The site also includes a video describing risk assessment and how to use the tool.
This online tool helps health care providers conduct security risk assessments for their protected health information.