Much has changed since HIPAA first established standards for the use and disclosure of protected health information (PHI). With the advent of electronic health records now in the mix, providers that are covered entities or business associates under HIPAA have an entirely new and different level of responsibility for safeguarding information.
With this ever-changing landscape comes a host of uncertainty about how to best assess risk and ensure security is appropriately implemented across the organization (see Top 10 Myths Surrounding Security Risk Management
). Despite the questions, there are several undisputed facts that can help guide covered entities and business associates in confidently creating a holistic information security risk management program.
In part two of a two part series, we present the top 10 truths about information security risk management.
Download the article below to read more.
Length: 3 pages (PDF 266 kB)