Overview

The Security Risk Assessment (SRA) is a mandatory component of the administrative safeguards required under HIPAA. It is a formalized process designed to identify and evaluate potential risks and vulnerabilities to PHI within an organization’s systems and practices.