Risk Assessment
From Clinfowiki
As of 2012, the healthcare industry had still not reached maturity in terms of establishing a protocol for conducting risk assessment of systems. The 2005 HIPAA Security Rule initiated a requirement that risk assessments be conducted, but left a lot of room for interpretation. However, organizations are being forced to catch up because of increase incidence of data breaches (up nearly 200% between 2010 and 2011), increased government oversight, and the Stage 1 Meaningful Use requirement that "hospitals and eligible professionals must "conduct or review a security risk analysis" to qualify for incentive payments.