By Carl Kunkleman
Sr. Vice President and Co-Founder
ClearDATA
I recently hosted a webinar that examined the HIPAA Risk Assessment and how your organization can and should be assessing your security gaps before you get audited or hacked. It was well attended and is now available on demand here.
In the webinar, I walk you through what a Security Risk Assessment (SRA) is, and how it can protect your organization. Unfortunately, identifying your security gaps before a hacker does has never been more critical as we are seeing increased cybercrime attempts in the wake of COVID-19.
I’ll share how to conduct an SRA to be sure you are measuring the right things, so you’ll meet regulatory requirements that govern SRAs. You’ll see what an SRA measures and learn more about how to make it actionable and accountable by mobilizing on the remediation road map.
There are pros and cons to doing your SRA in-house, and I’ll spell those out to save you some time and money.
Here’s the main thing I want you to know. At ClearDATA, we’ve done hundreds of SRAs and have always – 100% of the time – found a security gap that needed to be remediated. Do you know where yours are? I can assure you a cybercriminal is looking for them right now if you work in healthcare.
Here’s a short video that gives you an overview of what an SRA is and you’ll learn a lot more in the webinar.
In the stream-on-demand version of the webinar you’ll also get to hear the questions the live audience asked, and my answers to those. These questions included:
- Why is a PHI inventory important?
- How much of your time will it take for us to conduct an SRA of your organization?
- What kind of report will you get that allows you to take action now that risks are identified?
- How to look at policies and procedures – often a common gap location
- What are some tips about breach notification do’s and don’ts, and more
Give it a listen here, and then reach out to us to learn how to schedule your SRA. Don’t wait until it’s too late and you’re having to contact attorneys about a security incident.