We want to help you to properly comply with HIPAA rules and regulations. We have found that most practices either think they are HIPAA compliant and are not, or simply ignoring the regulations. This is too big of a risk to take. We would like to look at your current state of HIPAA compliance to make sure you are in good standing. A key part of being HIPAA compliant is to have an Independent Security Risk Analysis performed. However, an SRA should be performed by an expert. This is not our recommendation – this is according to CMS.
On page 5, it is stated: “It is possible for small practices to do risk analysis themselves using self-help tools. However, doing a thorough and professional risk analysis that will stand up to a compliance review will require expert knowledge that could be obtained through services of an experienced outside professional.”
securityriskassessment_factsheet_updated20131122