left-caret
Insights

client alerts

New HIPAA Tool Makes Compliance Easier, but may also Increase Likelihood of Enforcement

April 15, 2014

By JAMES F. OWENS & JOSH R. HILL

Last month, the US Department of Health and Human Services (HHS) released a security risk assessment tool (SRA Tool) for use by covered entities, with the goal of increasing compliance with the HIPAA Security Rule by helping them perform proper risk assessments. While the tool is likely to help covered entities comply with the risk assessment obligations of HIPAA and thus result in less HIPAA violations, it may also increase enforcement against those who fail to satisfy risk assessment requirements, as the excuses for failure will be less persuasive now that the SRA Tool has been made available.