top of page


The potential of an undesirable or unfavorable outcome resulting from a weakness or gap that has been exploited by threats due to a given action, activity and/or inaction.


HIPAA Risk Assessments have been a requirement since the implementation of the HIPAA Privacy Rule in 2003. Since then, the scope of the requirement has only continued to increase so that the administrative, physical, and technical safeguards of the HIPAA Security Rule along with Business Associates are now included. Not only has the scope increased, but so have the fines for non-compliance.


A thorough HIPAA Risk Assessment will start with the identification of where protected health information (PHI) is stored, received, maintained, or transmitted and then extend to all the risks associated with using, having, and/or sharing of the PHI. This is no small task. There are multiple tools and frameworks that can be utilized to help accomplish this, but a key element of a successful HIPAA Risk Assessment is a deep understanding of risk, control, and privacy. This is where The Mako Group can make the difference.


The Mako Group is comprised of senior-level staff with extensive experience in risk, control, privacy, and security management. The Mako Group staff not only knows the general tenants of HIPAA Risk Assessments; but is also experienced with conducting HIPAA Risk Assessments for healthcare providers of various sizes.


Thanks! Message sent.

bottom of page