A security risk analysis can be a daunting task. Meaningful use and HIPAA require you to conduct a Risk Analysis per CFR 164.308 (a)(1)(ii)(A). But if not conducted by an information security professional, your organization can still be exposed to threats against your patients’ information. And how do you know what to do after the assessment? DueNorth uses an unbiased, quantifiable assessment process built on the NIST framework that can be easily repeated year after year. We can help with any remediation efforts including policy and procedure creation, employee training, and more.