There have been some discussions as it regards the HIPAA Security Risks Assessments (SRA) and the requirement to perform one. Some rumors claim that SRA’s are no longer required as they were part of Meaningful Use and this program has been terminated. Other rumors claim that SRAs are only for Medicare Providers and that the same do not apply to those that do not treat the Medicare population. Our intent with this article is to get the record straight.

Conducting a HIPAA Security Risk Assessments (SRA) is a legal requirement that is not going anywhere. There have been some changes…