25% of Healthcare Organizations Do Not Conduct Security Risk Assessments

One-quarter of healthcare organizations do not conduct security risk assessments, according to the 2011 HIMSS Security Survey (pdf).

The assessment is a requirement for both HIPAA and the electronic health record meaningful use incentive programs.

The survey by the Healthcare Information & Management Systems Society includes responses from 329 IT and security professionals employed by hospitals and ambulatory care providers. The percent of healthcare organizations conducting these assessments has remained stable at 75 percent across the four years HIMSS has issued the survey.

Meaningful use also requires organizations correct deficiencies identified in the risk analysis. The survey found more than 80 percent of the respondents who conduct a risk assessment use the assessment information to determine what security controls to implement.

Related Articles on Health IT Risk Assessments:

5 Steps to Minimize the Risk of Data Breaches
Key Compliance Considerations When Implementing EMRs

Ensuring Legal and Regulatory Compliance in 2011: Q&A With Compliance Experts Debbie Wheeler and Thomas Tammany



Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Articles We Think You'll Like

 

Featured Whitepapers

Featured Webinars