HIPAA Security Risk Analysis Tips – NIST Updates

If you’re into “graduate level” risk management, you should be aware of some changes undertaken by the National Institute of Standards and Technology (NIST).   Here’s today’s big tip – Risk Assessment breaks out with special treatment! 

Check out the Clearwater’s HIPAA Risk Analysis Software to jump-start your program.

Special Publication 800-39 supersedes the original Special Publication 800-30 as the source for guidance on risk management. Special Publication 800-30 is being revised to provide guidance on risk assessment as a supporting document to Special Publication 800-39.

This brand new SP800-39 publication takes over the “big picture” view of the overall four-step Risk Management process.

The new SP800-30 Revision 1, focuses on risk assessment, step one in the risk management process.

SP800-39 was developed by the Joint Task Force Transformation Initiative Interagency Working Group with representatives from the Civil, Defense, and Intelligence Communities in an ongoing effort to produce a unified information security framework for the federal government.

As required by The HITECH Act, the Office for Civil Rights has issued final “Guidance on Risk Analysis Requirements under the HIPAA Security Rule”.  (July 2010).  We advise all Covered Entities and Business Associates to review the Final Guidance and become familiar with the applicable standards and implementation specifications.

Contact us for more information or to learn about a tailored Clearwater HIPAA Audit Prep WorkShop™ or the Clearwater HIPAA Audit Prep BootCamp™ series.

Please avail yourself of any of these free resources which you may access now by clicking on the links below:

• Risk Analysis Buyer’s Guide 
• Expert 2nd Opinion on Your HIPAA Risk Analysis
• Clearwater Compliance White Paper: Risky Business: How to Conduct a Bona Fide HIPAA Security Risk Analysis
• Clearwater Recorded Webinar event entitled How to Conduct a Bona Fide HIPAA Security Risk Analysis
• IRM|Analysis™- Clearwater’s Risk Analysis and Risk Management software DataSheet
• IRM|Analysis™- Clearwater’s Risk Analysis and Risk Management software Free Trial for qualified organizations
• More Risk Analysis Resources

• About
• Latest Posts

Bob Chaput

CEO at Clearwater Compliance

Bob Chaput is widely recognized for his extensive and in-depth knowledge of healthcare compliance and cyber risk management, and is one of the industry’s leading authorities in healthcare information security today. As a leading authority safeguarding health data, Chaput has supported hundreds of hospitals and health systems to successfully manage healthcare’s evolving cybersecurity threats and ensure patient safety.

Latest posts by Bob Chaput (see all)

• HIPAA Risk Analysis Tip – Part 5 – Questions & Answers from May 3rd Conversation with Former OCR Director Leon Rodriguez - June 5, 2017
• HIPAA Risk Analysis Tip – Part 4 – Questions & Answers from May 3rd Conversation with Former OCR Director Leon Rodriguez - May 29, 2017
• HIPAA Risk Analysis Tip – Part 3 – Questions & Answers from May 3rd Conversation with Former OCR Director Leon Rodriguez - May 21, 2017