The SRA Tool is a software application that a health care provider can use, along with other tools & processes, to assist in reviewing its implementation of the HIPAA Security Rule, basic security practices, security failures, risk management, and personnel issues.
The SRA Tool is available at no cost and can be used with several operating systems, including Microsoft Windows for desktop and laptop computers and Apple iOS for iPad.
Security Rule and covers basic security practices, security failures, risk management, and personnel issues.
Basic security practice questions include defining and managing access to systems and PHI, backups and data recoveries; and technical and physical security.
Risk management questions address periodic reviews and evaluations and can include regular functions, such as continuous monitoring.
Lastly, personnel issue questions address access to information as well as the on-boarding and release of staff as well as helping to identify areas where staff training may be appropriate, for example, not sharing passwords.