Security Risk Assessment
A Better Way to Manage Your HIPAA Security Compliance
Simplify your HIPAA Security Risk Assessment
Progressive healthcare organizations and business associates perform a Security Risk Assessment (SRA) on an annual basis to maintain HIPAA compliance and fulfill their obligations to PHI security and privacy. Our HIPAA SRA offering combines Intraprise Health’s highly rated security services with our industry leading HIPAA Security Risk Assessment software, HIPAA One®.
Increase capabilities and save time while maintaining costs
Simple, automated, and affordable, our SRA removes the administrative burden of compliance. Our cloud-based software follows OCR Audit Protocol and is based on NIST-methodologies to help organizations appropriately respond to and mitigate risks.
You can independently complete your SRA using the HIPAA One® software, or if you would like assistance, our Assessors will work with you in a collaborative, standards-based, and compliance-aware approach to assess your information security and risk management program to help you lower your risk.
Advantages of the HIPAA One® Cloud Software:
- Step-by-step guided approach to compliance
- Up-to-date software including citations for HIPAA, NIST, and 42 CFR Part 2
- Access to our certified Assessors
- Widely used among healthcare organizations of all sizes
Enhanced Capabilities Include:
- Risk assignment and prioritization
- Remediation tracking
- Automated task reminders
- Real-time reporting
- Year over year import of assessments
Security Risk Assessment Engagement Types
Self Assessment
Independently Conduct your Security Risk Assessment (SRA)
Our Self SRA Includes:
- Kick-Off call
- Assessor support
- Access to policy and procedure template library
- Customer independently conducts assessment & remediation planning
- Customer signs final report
Facilitated Remote Assessment
Online Assistance to Conduct your Security Risk Assessment
Remote SRA Includes:
- Kick-Off call
- Assessor Support
- Access to policy and procedure template library
- Assessment responses and remediation plan reviewed by Assessor
- Assessor reviews and signs final report
Validated Assessment
Assessor-Led Risk Assessment
Our Validated SRA Includes:
- Everything in Facilitated Remote Assessment, PLUS:
- Full step-by-step facilitation of the SRA by a qualified assessor
- Evidence based findings verified by Assessor
- Historical trend analysis of previous HIPAA SRA’s
- Physical walk-through guidance
- Automated vulnerability scan(s)
- Executive and technical presentations
Every Privacy Risk Assessment incorporates OCR Audit Protocol and maps findings to the NIST cybersecurity framework
Backed by our team of certified professionals, we provide the structure, detail, and clarity you need to:
- Evaluate HIPAA/HITECH compliance
- Document current state of security controls
- Meet the requirements associated with Meaningful Use
- Identify gaps that pose true business risk
- Create a practical remediation roadmap
- Establish a sustainable operating model for information security and privacy
Our Security Risk Assessment will help you:
- Identify threat sources and events
- Identify vulnerabilities
- Determine likelihood of breach occurrence
- Determine magnitude of impact
- Understand your risk
SRA Process
