skip to Main Content
Talk to a Security Expert Now: (800) 721-9177

Redspin Announces Expanded Business Associate Scope Within Its HIPAA Risk Analysis Service

Redspin’s “portfolio risk analysis” helps covered entities ensure compliance under HIPAA/HITECH, and better understand the risks of protected health information (PHI) data breach among their business associates. To date, 50% of all PHI records compromised in major breach incidents have involved business associates.

Carpinteria, CA, March 23, 2011 — Redspin, Inc., a leading provider of healthcare IT security assessments, today announced an expansion of its HIPAA risk analysis services to provide covered entities with increased focus on their risk of PHI data breach from their business associates.

The Department of Health and Human Services’ Office for Civil Rights (OCR) recently reported that over 8 million individuals have been affected by major health information security breaches since the HITECH Act breach notification rule took effect in September 2009. Of these, breach incidents involving business associates accounted for 50% of the individuals impacted.

“Business associate risk will continue to represent a growing area of concern as the healthcare industry accelerates migration to electronic health records,” said Daniel W. Berger, President and CEO of Redspin. “While making information easier to share among business partners improves communications, efficiency and ultimately patient care, Redspin can help put additional governance in place to ensure secure transmission, storage
and stewardship of PHI.”

Redspin’s HIPAA risk analysis service has been expanded to allow covered entities look at business associate risk on a portfolio basis, applying general information security management principles to a focused subset of their enterprise-wide information security program. Through the use of Redspin’s Business Associate Security Questionnaire and other modeling tools, a covered entity can prioritize which business associates present the greatest potential risk, and then dedicate their attention, internal resources and mitigation efforts accordingly.

On March 30th, John Abraham, Redspin’s Founder and Chief Evangelist, will be conducting a webinar entitled “Navigating Business Associate IT Security Risk” at 3PM EDT. The webinar is free and open to all interested parties who wish to register at:

About Redspin, Inc.
For more than a decade, Redspin has delivered comprehensive IT security testing, risk
management and compliance solutions. The company’s penetration testing services and
security assessments help keep confidential information safe and critical systems secure.
Through expert analysis, complete objectiv¼ity and business acumen, Redspin serves the
healthcare industry as well as banking and financial services, retail, energy, technology,
hospitality, and casinos.

For more information visit

Dan Berger
Redspin, Inc.
[email protected]

Back To Top