Jocelyn Samuels, director of the Department of Health and Human Services Office for Civil Rights – spotlighted the importance of conducting a timely risk assessment, as required under the HIPAA Security Rule, to pave the way for mitigating risks and avoiding breaches. Her remarks came during a Sept. 23 keynote presentation at the annual HIPAA conference sponsored by OCR and the National Institute of Standards and Technology.
“We continue to see a lack of comprehensive and enterprise wide risk analysis and risk management that leads to major breaches and other compliance problems,” Samuels said. “That is why enforcement is a critical part of our arsenal of tools to ensure compliance. Resolution agreements that include a monetary settlement are only a small fraction of complaint and compliance reviews we undertake. These enforcements send out an important message about compliance issues and the need for covered entities and business associates to take their obligations seriously.”
Read the entire article via the link below.
http://www.healthcareinfosecurity.com/ocr-conduct-risk-analysis-or-else-a-7352
InfoTech Innovators is here to help… https://infotechinnovators.com/hipaa-risk-assessment-service/
