Skip Ribbon Commands
Skip to main content
print/style%20library/AHCA/images/iconFacebook.png/style%20library/AHCA/images/iconLinkedIn.png/style%20library/AHCA/images/iconTwitter.png/style%20library/AHCA/images/iconMail.png

Risk Assessment and Security Tools

 

 Information System Security Breach Notification

 
A data security breach occurs when there is a loss or theft of, or other unauthorized access to, sensitive personally identifiable information that could result in the potential compromise of the confidentiality or integrity of data. Most states, the District of Columbia, Puerto Rico, and the Virgin Islands have laws requiring notification of security breaches involving personal information.
 

 Data Security Member-Only Resources (login required)

 
  
  
Survey of State Laws - Long Version Legal-Sized (2008).pdfSurvey of State Laws - Long Version Legal-Sized (2008)
Survey of State Laws - Long Version Letter-Sized (2008).pdfSurvey of State Laws - Long Version Letter-Sized (2008)
Survey of State Laws - Short Version (2008).pdfSurvey of State Laws - Short Version (2008)
 

 Risk Assessments

 
​Conducting a risk analysis is the first step in identifying and implementing safeguards that comply with and carry out the standards and implementation specifications in the HIPAA Security rule.
 

 Risk Assessments Member-Only Resources (login required)

 
  
  
Application Security Controls Assessment Tool (2004).xlsApplication Security Controls Assessment Tool (2004)
How to Conduct Your Security Risk Assessment (2004).pdfHow to Conduct Your Security Risk Assessment (2004)
LTC Risk Assessment Matrix (2004).xlsLTC Risk Assessment Matrix (2004)
LTC Risk Assessment Matrix Instructions (2004).pdfLTC Risk Assessment Matrix Instructions (2004)
Risk Assessment Training (2004).pptRisk Assessment Training (2004)
Disclaimer: These documents/forms and flow charts are presented as models only by way of illustration. They have not been reviewed by counsel. Before applying a particular form to a specific use by your organization, they should be reviewed by a counsel knowledgeable concerning federal and state privacy laws related to the use of medical records.
.