top of page

Security Risk Analysis (SRA) Requirements

Updated: Jan 20

The Security Risk Analysis is to provide a detailed understanding of the organization's risks to Confidentiality, Integrity, and Availability of e-PHI. The Security Risk Analysis is to include:




Elements of a Risk Analysis

Scope of the Analysis

Data Collection

Identification and Documentation of Potential Threats and Vulnerabilities

Assessment of Current Security Measures

Likelihood of Threat Occurrence

Potential Impact of Threat Occurrence

Level of Risks

Final Documentation

Periodic Review and Updates to the Risk Assessment

45 CFR § 164.308 - Administrative safeguards.


Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page