Security gets interactive with HIPAA compliance assessment app

The release of a security risk assessment tool to assist providers with HIPAA compliance was announced by the Department of Health and Human Services.

The Department of Health and Human Services released a security tool to assist health organizations in conducting a HIPAA compliance assessment. This tool is currently available as a Windows application and an iPad-only app.

The tool provides an interactive alternative version of the security rules available in Excel format. This will help small to medium-sized medical practices efficiently identify gaps within their security policies and procedures. The mobile app asks users which state they reside in and provides examples and a detailed explanation of the HIPAA Security Rule.

"Protecting patients' protected health information is important to all health care providers and the new tool we are releasing today will help them assess the security of their organizations," said Karen DeSalvo, M.D., national coordinator for health IT, in an HHS release about the risk assessment tool.

This HIPAA compliance assessment tool may help assist many small to mid-size practices identify potential weaknesses that may affect the integrity and security of stored patient health information. This security check can be performed by practice administrators in cooperation with some of their staff, using their IT resources.

The mobile app also provides users the ability to print a comprehensive security report, summarizing any findings and results. It also helps maintain visibility over when changes have been made to any of the security rules, which allows the practice to update their security procedures accordingly.

Other security and data breach tools

Patient data security can't take a back seat to IT implementations

Frequency, costs of data breaches decreasing

HIPAA risk assessments a starting point for security plans

As the HHS Office of Civil Rights and the ONC emphasize the need to protect patients' health records, medical organizations must take all the appropriate steps to ensure their systems are reviewed and have the appropriate safeguards in place to shield against security breaches or data loss.

About the author:
Reda Chouffani is vice president of development with Biz Technology Solutions Inc., which provides software design, development and deployment services for the healthcare industry. Let us know what you think about the story; email
 [email protected] or contact @SearchHealthIT on Twitter.

Dig Deeper on Electronic health records security compliance

Cloud Computing
Mobile Computing