The HHS Office of the National Coordinator for Health Information Technology (ONC) has released a new version of its Security Risk Assessment (SRA) Tool, adding features that make it easier for organizations—particularly smaller ones—to use. New features include flexible section navigation and a file recovery system, developers told attendees at a recent webinar describing the changes.[1]
The SRA Tool can help small practices and other health care organizations evaluate their security posture against increasingly sophisticated security attacks, and help them determine where they may not be in compliance with the HIPAA security rule. However, organizations need to use the tool thoughtfully and recognize that it may not identify all risks.