<div> <p><span style="font-weight: 400;">As part of my HIPAA compliance program (and to satisfy Meaningful Use requirements), I completed the Security Risk Analysis (SRA). What do I do with it now? Do I have to send the results to someone? How do they know we did it?</span></p> </div>

Once completed, you will need to either save (PDF or online version is fine) or print the assessment. You may also do both so you have a backup. Be sure to review the results of the SRA and take appropriate action steps in making improvements/updates in your existing systems and Policies and Procedures Manual that you have determined are necessary for compliance.  

After you have taken those steps, file the Security Risk Assessment document with your periodic review documents for the year. The SRA is a required element for HIPAA Security and must be completed once per year.