Risk Assessment Toolkit

The HIMSS Risk Assessment Toolkit will guide your healthcare organization through the security risk analysis and risk management process.

A Security Risk Assessment is a foundational step in the development of a comprehensive security program and is required by the HIPAA Security Rule and the CMS Meaningful Use Incentive Program.

The HIMSS Risk Assessment Toolkit provides resources to help organizations understand risk assessments, including a step-by-step Security Risk Assessment Guide/Data Collection Matrix.

The toolkit is organized into the following sections:

Introduction to the Toolkit & Security Risk Assessment Basics
HIPAA, ARRA/HITECH Act and Meaningful Use Compliance Resources
Threats, Vulnerabilities and Malware
Mitigation Strategies
Security Standards, Frameworks & Configuration Baselines
Training & Certification

Listen to our two-part podcast on what you need to know about conducting security risk assessments!

