Lexology October 10, 2025
Hunton Andrews Kurth LLP

The U.S. Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) and the Assistant Secretary for Technology Policy (“ASTP”) have released a new version (Version 3.6) of their Security Risk Assessment (“SRA”) Tool, along with an updated SRA Tool User Guide. (Note that on the date of this post, the ASTP website was down due to the federal government shutdown).

HHS developed the SRA tool to help small and medium-sized healthcare providers comply with the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”) Security Rule. The tool assists healthcare organizations in identifying and assessing potential risks and vulnerabilities to their electronic protected health information in compliance with the HIPAA Security Rule, and provides education on...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: ASTP/ONC, Cybersecurity, Govt Agencies, HHS, Technology
Related Articles:
Charted: Where measles is surging (again)
Opinion: Our podcast ‘Why Should I Trust You?’ connects MAHA and public health. Here’s what we’ve learned
Journalists Mine News for Insights on Tylenol, Obamacare Credits, and Rural Health Funding
CDC pauses, then unpauses billions in public health infrastructure grants to states
US Withdraws from World Health Organization

Share Article