Security Risk Analysis

What you need to know for MIPS, HIPAA & Audits

Why this annual requirement is more important than ever

Every year, healthcare organizations review or conduct their Security Risk Analysis (SRA) to be in compliance with HIPAA or other pay for performance programs like MACRA / MIPS. Attendees will learn the basic requirements of the Security Risk Analysis (SRA), as well as how there is not a “one-size fits all” approach. In addition, the importance of conducting a proper SRA will be highlighted through HHS’s HIPAA audits throughout. The resulting guidance of HHS and CMS will be explained, as well as required and addressable elements of the SRA will be outlined for attendees. Common missteps will be addressed, as well as how to mitigate any HIPAA audit risk. In addition, attendees will learn what Policies and Procedures they should implement in their organization to supplement the SRA.


Attendees will learn…

  • How to implement a comprehensive Security Risk Analysis program annually for government and pay-for-performance requirements.
  • Incorporation of a rating scale into a new or existing Security Risk Analysis to determine an overall rating of risk in relation to a Threat Vulnerability Statement.
  • The impact of importance and preparation for future Office of Civil Rights Audits.