The SRA Tool is a desktop application that walks users through the security risk assessment process using a simple, wizard-based approach. The target audience of this tool is medium and small providers thus, use of this tool may not be appropriate for larger organizations. The tool is designed to help healthcare providers conduct a security risk assessment as required by the HIPAA Security Rule.
The Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the HHS Office for Civil Rights (OCR), developed a downloadable Security Risk Assessment (SRA) Tool to help guide you through the process. What is the Security Risk Assessment Tool (SRA Tool)? To learn more about the assessment process and how it benefits your organization, visit the Office for Civil Rights' official guidance. A risk assessment also helps reveal areas where your organization’s protected health information (PHI) could be at risk. A risk assessment helps your organization ensure it is compliant with HIPAA’s administrative, physical, and technical safeguards.
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires that covered entities and its business associates conduct a risk assessment of their healthcare organization.