Redspin Announces Expanded Business Associate Scope Within Its HIPAA Risk Analysis Service

Redspin's 'portfolio risk analysis' helps covered entities ensure compliance under HIPAA/HITECH, and better understand the risks of protected health information (PHI) data breach among their business associates. To date, 50% of all PHI records compromised in major breach incidents have involved business associates

Mar 23, 2011, 08:00 ET from Redspin, Inc.

CARPINTERIA, Calif., March 23, 2011 /PRNewswire/ -- Redspin, Inc., a leading provider of healthcare IT security assessments, today announced an expansion of its HIPAA risk analysis services to provide covered entities with increased focus on their risk of PHI data breach from their business associates.

The Department of Health and Human Services' Office for Civil Rights (OCR) recently reported that over 8 million individuals have been affected by major health information security breaches since the HITECH Act breach notification rule took effect in September 2009. Of these, breach incidents involving business associates accounted for 50% of the individuals impacted.

"Business associate risk will continue to represent a growing area of concern as the healthcare industry accelerates migration to electronic health records," said Daniel W. Berger, President and CEO of Redspin. "While making information easier to share among business partners improves communications, efficiency and ultimately patient care, Redspin can help put additional governance in place to ensure secure transmission, storage and stewardship of PHI."

Redspin's HIPAA risk analysis service has been expanded to allow covered entities look at business associate risk on a portfolio basis, applying general information security management principles to a focused subset of their enterprise-wide information security program. Through the use of Redspin's Business Associate Security Questionnaire and other modeling tools, a covered entity can prioritize which business associates present the greatest potential risk, and then dedicate their attention, internal resources and mitigation efforts accordingly.

On March 30th, John Abraham, Redspin's Founder and Chief Evangelist, will be conducting a webinar entitled "Navigating Business Associate IT Security Risk" at 3PM EDT. The webinar is free and open to all interested parties who wish to register at

About Redspin, Inc.

For more than a decade, Redspin has delivered comprehensive IT security testing, risk management and compliance solutions. The company's penetration testing services and security assessments help keep confidential information safe and critical systems secure. Through expert analysis, complete objectivity and business acumen, Redspin serves the healthcare industry as well as banking and financial services, retail, energy, technology, hospitality, and casinos.

SOURCE Redspin, Inc.