The HHS Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have released a new version of their popular Security Risk Assessment (SRA) Tool, adding features that will help users—generally small- to medium-sized provider practices—track their progress.[1]
The tool is designed to help health care providers conduct a risk analysis as the HIPAA Security Rule requires. The downloadable SRA tool is a Windows-based desktop application that walks users through the security risk assessment process using multiple choice questions, threat and vulnerability assessments, and asset and vendor management.
References and additional guidance are provided via the tool’s sections, and the tool also offers reports to save and print after the assessment is completed. The update just released is version 3.4 of the tool.