Difference between revisions of "Risk analysis"
From Clinfowiki
| Line 1: | Line 1: | ||
| + | == Definition 1 == | ||
Risk Analysis is systematic and ongoing process of identifying threats, controls, and vulnerabilities—as well as their likelihood of impact—to arrive at an overall rating of risk. <ref name="AHIMA 2013">AHIMA. "Security Risk Analysis and Management: An Overview (Updated)." Journal of AHIMA 84, no.11 (November–December 2013): expanded web version.http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=%28risk+analysis+and+security%29%3Cand%3E%28xPublishSite%3Csubstring%3E%60BoK%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_050533&HighlightType=HtmlHighlight&dWebExtension=hcsp</ref> | Risk Analysis is systematic and ongoing process of identifying threats, controls, and vulnerabilities—as well as their likelihood of impact—to arrive at an overall rating of risk. <ref name="AHIMA 2013">AHIMA. "Security Risk Analysis and Management: An Overview (Updated)." Journal of AHIMA 84, no.11 (November–December 2013): expanded web version.http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=%28risk+analysis+and+security%29%3Cand%3E%28xPublishSite%3Csubstring%3E%60BoK%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_050533&HighlightType=HtmlHighlight&dWebExtension=hcsp</ref> | ||
Regulatory HIPAA Security Rule and Meaningful Use require [[Risk Analysis and Security]] of the current installed healthcare system. | Regulatory HIPAA Security Rule and Meaningful Use require [[Risk Analysis and Security]] of the current installed healthcare system. | ||
| + | |||
| + | == Definition 2 == | ||
| + | [https://www.healthit.gov/ HealthIT.gov] defines risk analysis in terms of healthcare as assessment of the healthcare organization and ensuring that the organization is "compliant with HIPPA's administrative, physical, and technical safeguards." <ref name="HealthIT.gov"> HealthIT.gov. (2014). ''Security Risk Assessment.'' Retrieved from https://www.healthit.gov/providers-professionals/security-risk-assessment </ref> This assessment can reveal where the organization's [[PHI | protected health information (PHI)]] could be at risk. | ||
| + | |||
== References== | == References== | ||
<references/> | <references/> | ||
Revision as of 19:10, 24 November 2015
Definition 1
Risk Analysis is systematic and ongoing process of identifying threats, controls, and vulnerabilities—as well as their likelihood of impact—to arrive at an overall rating of risk. [1]
Regulatory HIPAA Security Rule and Meaningful Use require Risk Analysis and Security of the current installed healthcare system.
Definition 2
HealthIT.gov defines risk analysis in terms of healthcare as assessment of the healthcare organization and ensuring that the organization is "compliant with HIPPA's administrative, physical, and technical safeguards." [2] This assessment can reveal where the organization's protected health information (PHI) could be at risk.
References
- ↑ AHIMA. "Security Risk Analysis and Management: An Overview (Updated)." Journal of AHIMA 84, no.11 (November–December 2013): expanded web version.http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=%28risk+analysis+and+security%29%3Cand%3E%28xPublishSite%3Csubstring%3E%60BoK%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_050533&HighlightType=HtmlHighlight&dWebExtension=hcsp
- ↑ HealthIT.gov. (2014). Security Risk Assessment. Retrieved from https://www.healthit.gov/providers-professionals/security-risk-assessment
