Question

Health care organization compliance with HIPAA is critical. Small health care organizations often struggle with ensuring this, however. There are a number of risk assessment tools for health care organizations. These tools are both proprietary and open source. IT security professionals in these organizations need to be familiar with the range of tools available, their effectiveness, and their cost.

Discussion Question

Read the following case study: Case Study: Information Security Risk Assessment for a Small Healthcare Clinic using the Security Risk Assessment Tool Provided by HealthIT.gov.

Consider the following questions in your post:

• What positive benefits and positive uses of the security risk assessment tool (SRA) provided by HealthIT.gov did the authors find? 

• What drawbacks of this tool did the authors discuss?

Answer 1

POSITIVE BENEFITS:

Software is well packaged and easy to use.
At certain steps quick tips are provided by software to help if there's some problem and the best feature of all is producing final report.
Ability to get into the asset type and also gives status when standing on different stages and it also tracks or assign these questions

Drawbacks:
   Technical problem arises when loading saved assessment that results in repeating same work.
   Takes too much time going through the tool or asking similar questions from different angles.
The maintenance of documentation in the key area is one of the largest gaps.