New HIPAA Tool Makes Compliance Easier, but may also Increase Likelihood of Enforcement
April 15, 2014
BY JAMES F. OWENS & JOSH R. HILL
Last month, the US Department of Health and Human Services (HHS) released a security risk assessment tool (SRA Tool) for use by covered entities, with the goal of increasing compliance with the HIPAA Security Rule by helping them perform proper risk assessments. While the tool is likely to help covered entities comply with the risk assessment obligations of HIPAA and thus result in less HIPAA violations, it may also increase enforcement against those who fail to satisfy risk assessment requirements, as the excuses for failure will be less persuasive now that the SRA Tool has been made available.