ComplianceOnline

Risk Analysis


A risk analysis process includes, but is not limited to, the following activities:

  • Evaluate the likelihood and impact of potential risks to e-PHI
  • Implement appropriate security measures to address the risks identified in the risk analysis;
  • Document the chosen security measures and, where required, the rationale for adopting those measures; and
  • Maintain continuous, reasonable, and appropriate security protections.