Medical Practice IT Risk Assessment

Conducting an internal health IT risk assessment is a HIPAA requirement, and also protects your patients' data. To get started, use this security matrix.

Marion Jenkins is chief strategy officer at 3t Systems, a Colorado-based healthcare consulting firm. He says that HIPAA requires all medical practices to conduct an internal IT risk assessment to make sure that patients' protected health information is secure. Practices can do this themselves, but because of the complexity, Jenkins says, they should be well-informed on HIPAA requirements first. To get started, download 3t System's HIPAA Security Rule Master Matrix.

*To learn more about keeping your patient data secure, read "Protect Your Practice Data Against a Breach."