This entry is part 36 of 52 in the series HIPAA Security Risk Analysis Tips

There are many wrong ways and one correct way to conduct a HIPAA Risk Analysis!  The foundational risk analysis required at 45 CFR §164.308(a)(1)(ii)(A) is an ongoing requirement.  Here’s today’s big TIP — Learn How To Conduct a Bona Fide HIPAA Risk Analysis.  

HIPAA Risk Analysis Tip – How To Conduct a Bona Fide HIPAA Risk Analysis

Here are the big points to remember:

  • There’s a Right Way and Many Wrong Ways
  • First Time – Lots of Work, if done properly
  • It’s Not Once and Done
  • Risk Analysis adverse findings are the Single Biggest Audit & Investigation Findings
  • Risk Analysis  is not the same as Risk Treatment
  • Risk Analysis is not the same as Security Assessment (Evaluation)

Watch Our Recorded, On Demand Webinar

Download HIPAA Risk Analysis Buyer’s Guide Checklist

We are often asked, “How do I go about selecting a reputable firm to complete a bona fide HIPAA Security Risk Analysis?”  This HIPAA Risk Analysis Buyer’s Guide Checklist is an easy-to-use tool to assist you in comparing alternative solutions and making your selection.

Other Help Getting Started With Your Bona Fide HIPAA Risk Analysis

Over the years, we’ve helped 100s of organizations complete their HIPAA Risk Analysis. Please benefit from our HIPAA Risk Analysis expertise by:


Contact us for more information or to learn about a tailored Clearwater HIPAA Audit Prep WorkShop™ or the Clearwater HIPAA Audit Prep BootCamp™ series.

More HIPAA HITECH Resources:

The complete HIPAA Privacy, Security and Breach regulations are here.

Join our AboutHIPAA LinkedIn Group:
Follow us on Twitter
Subscribe to our eNewsletter
Attend a live educational webinar.

Series Navigation<< HIPAA Risk Analysis Tip – HIPAA Risk Analysis Buyer’s Guide ChecklistHIPAA Risk Analysis Tip – EHR Pre- and Post-Payment Audits >>

Bob Chaput

CEO at Clearwater Compliance
Bob is the CEO and Founder of Clearwater Compliance. He has 25 years of experience in the Healthcare industry, and his experience includes managing some of the world’s largest HR, benefits and healthcare databases, requiring the highest levels of security and privacy. Mr. Chaput continues to expand and update his knowledge base on HIPAA-HITECH compliance through postgraduate study, earning professional certifications and participating in professional healthcare and other organizations.