The Office of the National Coordinator for Health Information Technology (ONC) and the Office for Civil Rights (OCR) have released version 3.3 of their popular Security Risk Assessment (SRA) Tool for health care organizations.[1]
This tool, authored by the two agencies within HHS, is designed to help small- and medium-sized health care organizations assess their own security risks. Last year, ONC reached out to users via a survey to identify and prioritize potential updates;[2] many of the updates in version 3.3 are a result of that process, according to HHS.