9. Effective Privacy Risk Assessments

As privacy professionals, we want to make sure we have all the tools we need to perform our duties. One of the most important tools is the risk assessment process. The U.S. Department of Health & Human Services (HHS) Office of Inspector General (OIG), the U.S. Federal Sentencing Guidelines, and the HHS Office for Civil Rights (OCR) all stress the importance of conducting risk assessments. In addition, because we all have limited resources, we need a process that will allow us to prioritize the risks. We need a method that offers a way to create our privacy work plan and our privacy audit and monitoring plan.

Ever since the enactment of the Health Insurance Portability and Accountability Act (HIPAA), healthcare providers have been required to conduct risk assessments to help ensure that sensitive health information remains private.

This document is only available to subscribers. Please log in or purchase access.