This document describes the policy and procedure established by a small hospital, GIAC Health, for meeting the Risk Analysis Administrative Safeguard requirement for HIPAA compliancy. It also includes a brief explanation of GIAC Health's interpretation of the Risk Analysis required implementation...