Security Risk Assessment

A Better Way to Manage Your HIPAA Security Compliance


Simplify your HIPAA Security Risk Assessment

Progressive healthcare organizations and business associates perform a Security Risk Assessment (SRA) on an annual basis to maintain HIPAA compliance and fulfill their obligations to PHI security and privacy. Our HIPAA SRA offering combines Intraprise Health’s highly rated security services with our industry-leading HIPAA Security Risk Assessment software, HIPAA One®.

Increase capabilities and save time while maintaining costs

Simple, automated, and affordable, our SRA removes the administrative burden of compliance. Our cloud-based software follows the OCR Audit Protocol and is based on NIST methodologies to help organizations appropriately respond to and mitigate risks.

You can independently complete your SRA using the HIPAA One® software, or if you would like assistance, our Assessors will work with you in a collaborative, standards-based, and compliance-aware approach to assess your information security and risk management program to help you lower your risk.

Advantages of the HIPAA One® Cloud Software:

  • Step-by-step guided approach to compliance
  • Up-to-date software including citations for HIPAA, NIST, and 42 CFR Part 2
  • Access to our certified Assessors
  • Widely used among healthcare organizations of all sizes

Enhanced Capabilities Include:

  • Risk assignment and prioritization
  • Remediation tracking
  • Automated task reminders
  • Real-time reporting
  • Year-over-year import of assessments

Security Risk Assessment Engagement Types

Self Assessment

Independently Conduct your Security Risk Assessment (SRA)

Our Self SRA Includes:

  • Kick-Off call
  • Assessor support
  • Access to policy and procedure template library
  • Customer independently conducts assessment & remediation planning
  • Customer signs final report

Facilitated Remote Assessment

Online Assistance to Conduct your Security Risk Assessment

Remote SRA Includes:

  • Kick-Off call
  • Assessor Support
  • Access to policy and procedure template library
  • Assessment responses and remediation plan reviewed by Assessor
  • Assessor reviews and signs final report

Validated Assessment

Assessor-Led Risk Assessment

Our Validated SRA Includes:

  • Everything in Facilitated Remote Assessment, PLUS:
  • Full step-by-step facilitation of the SRA by a qualified assessor
  • Evidence-based findings verified by Assessor
  • Historical trend analysis of previous HIPAA SRAs
  • Physical walk-through guidance
  • Automated vulnerability scan(s)
  • Executive and technical presentations

Every Privacy Risk Assessment incorporates OCR Audit Protocol and maps findings to the NIST cybersecurity framework

Backed by our team of certified professionals, we provide the structure, detail, and clarity you need to:

  • Evaluate HIPAA/HITECH compliance
  • Document current state of security controls
  • Meet the requirements associated with Meaningful Use
  • Identify gaps that pose true business risk
  • Create a practical remediation roadmap
  • Establish a sustainable operating model for information security and privacy

Our Security Risk Assessment will help you:

  • Identify threat sources and events
  • Identify vulnerabilities
  • Determine likelihood of breach occurrence
  • Determine magnitude of impact
  • Understand your risk
