HIPAA Security Risk Assessment Guidance


Trying to stay compliant and avoid legal & compliance risks? Cyber Risk Navigator will help you find and prioritize the security gaps that can put operations at risk, providing a clear remediation roadmap your team can actually execute.


Contact CyberRN


Certified Healthcare & Security Leadership

Trusted advisor to healthcare, education and non-profits

Why Choose Cyber Risk Navigator

Decades of experience keeping healthcare organizations compliant and prepared

HIPAA Risk Assessment Deliverables

A HIPAA Risk Assessment Includes

How The HIPAA Risk Assessment Process Works

CyberRN will conduct an assessment, identify risks, develop action plan, deliver report and provide ongoing support if desired

01

Assessment

The first step is to establish current cybersecurity maturity by completing a risk assessment to identify current strengths and opportunities to reduce risks.


Risk assessments generally take a week to complete and does require availability of key staff within your organization.

02

Assessment Review

Review assessment results and current cybersecurity maturity. Discuss highest risk gaps in cybersecurity maturity and align with business goals.


03

Establish Cybersecurity Roadmap

Establish a 12 month roadmap for cybersecurity initiatives to improve cybersecurity maturity.

04

Deliver Reports

Deliver assessment reports and 12-month maturity roadmap.

05

Engagement Complete

Once reports are delivered the engagement is closed unless you've contracted for additional hours for ongoing support or project services.

06

Repeat in 12 Months

HIPAA requires at least an annual risk assessment.

Client Feedback

Proven cybersecurity leadership

HIPAA Risk Assessment Guidance You Can Depend On

Why you can count on Cyber Risk Navigator from start to finish

HIPAA Risk Assessment FAQs

What exactly is included in a HIPAA risk assessment?

Deliverables include assessment report and prioritized risk-based action plan.

How long does a HIPAA risk assessment take?

Risk assessments generally take 1 - 2 weeks to complete.

Week one is the interview and assessment aspect.

 Week two is focused on report and action plan development.

How much time will my team need to spend on this?

Risk assessments generally require 20-30 hours of interviews with key staff. Most staff will spend 1-3 hours of effort.

Will this disrupt patient care or daily operations?

No disruption to operations will occur.

What will I have to show for audits, vendors, or leadership?

A full report that includes your maturity rating, strengths and opportunities will be provided.

Do you offer ongoing support after the initial engagement?

Yes, CyberRN can provide periodic reviews, and updates to your cybersecurity strategy through our fractional leadership offering which is customized to your unique requirements.

Let’s Get Started!

I'll Guide You Through It.

Get started with a HIPAA Risk Assessment and clear, step-by-step guidance from an experienced healthcare security professional.