Most health care organizations clearly understand the reasons for having a formal risk management program, which includes periodic assessments and analysis. The HIPAA Security Rule requires it, Meaningful Use attestation requires it, and depending on your business, other regulatory or industry standards (i.e., Payment Card Industry) may require it. But aside from the obvious reasons, there are other benefits as well. Risk management can also benefit health care organizations in other less obvious yet equally valuable ways.
Length: 2 pages (PDF 51 kB)