Client Login

HIPAA Risk Analysis

Sunday, February 12, 2017 | BY: Giaspace

HIPAA is a risk-based security framework and the production of a Risk Analysis is one of primary requirements of the HIPAA Security Rule’s Administrative Safeguards. In fact, a Risk Analysis is the foundation for the entire security program. It identifies the locations of electronic Protected Health Information (ePHI,) vulnerabilities to the security of the data, threats that might act on the vulnerabilities, and estimates both the likelihood and the impact of a threat acting on a vulnerability. The Risk Analysis helps HIPAA Covered Entities and Business Associates identify the locations of their protected data, how the data moves within, and in and out of, the organization. It identifies what protections are in place and where there is a need for more. The Risk Analysis results in a list of items that must be remediated to ensure the security and confidentiality of ePHI. The value of a Risk Analysis cannot be overstated. Every major data breach enforcement of HIPAA, some with penalties over $1 million, have cited the absence of, or an ineffective, Risk Analysis as the underlying cause of the data breach. The Risk Analysis must be run or updated at least annually, more often if anything significant changes that could affect ePHI.

Recent Posts

Morning motivation

I start every morning with taking a picture of the Sunrise coming out of a garage.  This forces me for…

Friday, May 4, 2018

GiaSpace's Office is Moving in May 2018

Most of our Clients know the Story, but there is a positive after all. We are moving to a newly…

Tuesday, May 1, 2018

#DeleteFacebook

#DeleteFacebook  Nowadays it seems most people feel it is OK to voluntarily share their feelings about day to day happenings…

Tuesday, May 1, 2018

Our $20,230 mistake

Our $20,230 mistake. When signing a commercial lease, make sure you have a real estate attorney present to uncover the…

Friday, April 20, 2018

Today the FCC Voted 3/2 to remove regulation on the Monopoly of Internet providers in the USA...

Disclosure: This article is not political, nor picking political sides.  Today the FCC Voted 3/2 to remove regulation on the…

Thursday, December 14, 2017

Ransomware Shut Down a Whole North Carolina County

I saw that North Carolina decided not to pay the Ransomware to get their systems back online and will be…

Friday, December 8, 2017

Comcast Internet Outage Nationwide

As a private cloud provider, we need to make sure we limit downtime for our clients.  Today we received a…

Monday, November 6, 2017

KRACK WPA EXPLOIT

Mathy Vanhoef discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range…

Wednesday, October 18, 2017

There is Always Someone Cheaper

It’s true: There is always someone who will do it cheaper. The image above is one that had resonated with…

Wednesday, October 18, 2017

How to Prevent Ransomware And Discourage Data Kidnappers

If the thought of malware is scary, then the idea of ransomware is downright terrifying. A Trojan might steal sensitive…

Tuesday, October 10, 2017

Trusted By

Free Consultation 866-442-7723

Partners & Certifications