Risky Business: How to Conduct a NIST-based Risk AnalysisPhase I and II HIPAA audits and over 100 Office for Civil Rights (OCR) enforcement actions continue to show that nearly 90% of healthcare organizations fail to meet the HIPAA Risk Analysis requirement and around 80% of these organizations failed to meet the HIPAA Risk Management requirement as well. We delve into the reasons why in this white paper.