In October 2018, the Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the HHS Office for Civil Rights (OCR), released an updated, downloadable Security Risk Assessment (SRA) tool. This updated SRA tool is easier to use and applies more broadly to the risks of confidentiality, integrity, and availability of health information. The tool is designed to help healthcare providers conduct an SRA as required by the HIPAA Security Rule and the Centers for Medicare and Medicaid Services (CMS) Electronic Health Record (EHR) Incentive Program. The tool diagrams HIPAA Security Rule safeguards and provides enhanced functionality to document how your organization implements safeguards to mitigate, or plans to mitigate, identified risks. The new SRA tool is available for Windows computers and laptops. However, the previous iPad version of the SRA tool is still available from the Apple App Store (search under “HHS SRA Tool”). Go to the HealthIT.gov website to download the updated SRA tool.