HIPAA Blog

[ Monday, March 18, 2019 ]

Cyber Risk Assessments or Security Risk Assessments ("SRAs") are pretty common in the privacy universe. In fact, doing some form of an SRA (and regularly repeating/updating) is a required activity for any HIPAA covered entity or business associate. How do you know what types of safeguards are reasonable and appropriate for your business if you don't understand what your risks are? However, before you go off and do one, here are 5 questions you should ask. (One note: I'd add HITRUST to the "frameworks" listed in question 2.)

Jeff [12:43 PM]

Comments: Post a Comment

http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template