EMR Resources from Physicians EHR
EHR EMR Bookstore
EHR Vendor Directory
EHR Implementation
EHR Coaching & Training
eHealth Report
EHR Resources
EHR News
EHR/EMR Careers
Our Partners
Mailing Lists
Shopping Cart
Your cart is empty.

Sample HIPAA Security Risk Assessment For a Small Physician Practice

Administrative, Physical, and Technical Safeguards Breach Notification Rule

This sample risk assessment provides you with a series of sample questions to help you prioritize the development and implementation of your HIPAA Security policies and procedures. While this risk assessment is fairly lengthy, remember that the risk assessment is required and it is critical to your compliance with the Security Rule. These sample questions cover Administrative, Physical, and Technical Safeguards, and the Breach Notification Rule, and are only representative of the issues you should address when assessing different aspects of your practice. Keep your completed risk assessment documents in your HIPAA Security files and retain them in compliance with HIPAA document retention requirements.

HIPAA Security requires Covered Entities to protect against any reasonably anticipated threats or hazards to the security or integrity of electronic Protected Health Information ("ePHI") and to implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level. Assessing risks is only a first step. You must use the results of your risk assessment to develop and implement appropriate policies and procedures.

Reproduction and use of this form in the physician office by physicians and their staff is permitted. Any other use, duplication, or distribution of this form requires the prior written approval of the American Physician Association. This form is educational only, does not constitute legal advice, and covers only federal, not state, law.”

Download PDF HIPAA Security Readiness Assessment - PDF download (920kb)

Download Word Doc HIPAA Security Readiness Assessment - Word document download (241kb)