Velero Health


Essential Security Risk Assessment will identify and document areas of security risk in the following domains:

  •   Physical – assessment of environment and Physical data protections
  •   Technical – system scan of network identifying risk associated with creation, storage and destruction of ePHI
  •   ePHI - storage, access, and management

A list of deliverables associated with the Essential SRA:

1. Complete HIPAA Risk Analysis

HIPAA is a risk-based security framework and the production of a Risk Analysis is one of primary requirements of the HIPAA Security Rule's Administrative Safeguards. In fact, a Risk Analysis is the foundation for the entire security program. The Risk Analysis helps HIPAA Covered Entities and Business Associates identify the locations of their protected data, how the data moves within, and in and out of, the organization.

2. Evidence of Compliance Report

Regulation (and auditors) require evidence that compliant tasks have been completed. Documentation must be kept for six years. The Evidence of Compliance report includes user & computer information, and other source material to support your compliance activities.

Velero Health, LLC   |   © All Rights Reserved 2021