Submitting this form confirms your express consent to receive Baker Tilly electronic communications. These communications consist of educational materials, opportunities for online events, and corporate information. You may withdraw your consent by unsubscribing at any time.
HIPAA and healthcare technology have changed significantly over the past 20 years. Today, more than ever, covered entities and their business associates face an evolving risk environment in which they must safeguard electronic protected health information (ePHI).
Often, HIPAA risk assessment reports do not meet the guidance defined by the Office of Civil Rights (OCR) or support a complete review of the security rule controls. Checklists of policies and procedures, penetration test results and IT assessments barely scratch the surface of the data security safeguards.
Baker Tilly HIPAA and cybersecurity specialists developed a whitepaper that highlights the required components of a HIPAA risk analysis as defined in the security rule and also shares a cost effective approach to completing a risk analysis annually.
"HIPAA's role and importance continues to rise with the value of the data it was created to protect. If you are responsible for securing patient and proprietary healthcare information, you cannot afford to be unprepared. With the OCR increasing enforcement efforts related to HIPAA compliance, a HIPAA risk assessment plays a critical role. If performed in a strategic manner – customized to the entity's culture and organizational structure – it can help manage and reduce cybersecurity risks."Jeff Krull, Partner, Risk, Internal Audit and Cybersecurity