Call us directly: 1-787-412-6430

7000 N Plaza Austin, TX 78753 USA View Location

100 Blvd Paseos 1030, PR 00926 USA View Location

BA Risk Assessment

Since January 2016 close to $6 million in HIPAA fines have been levied for not having a BAA in place. Additionally, HHS OCR has begun Phase II audits.

Why perform a Business Associate HIPAA risk assessment?

  • To determine which business associates present the highest security risk to the CE.
  • To standardize business associate risk management and oversight process.
  • To identify which business associates require a more in-depth review of their security program.
  • To provide a shared basis of understanding between CE’s and BA’s that supports mutually-beneficial IT security programs and/or other operational process improvements
Docutek’s Business Associate HIPAA risk assessment provides HIPAA covered entities (CE’s) with an enterprise risk model to determine their exposure related to sharing protected health information (PHI) with business associates (BA’s). The result is a comparative scoring of risk across a hospital’s business associate population, enabling health information managers to develop and implement mitigation strategies that will have the highest impact.