• Follow Us

• Categories

  • Business Coaching
  • Call Center
  • Chat Time
  • Management
  • Meaningful Use
  • Outsourcing
  • Patient Satisfaction
  • Practice Revenue
  • Reform
  • Solution Blog
  • Staff Relations
  • Thought Processes

• Recent Posts

  • Practice Manager, Can You Be Too Friendly at Work?
  • Announcing our FREE Webinar to Answer Your Meaningful Use Measure 15 Questions
  • Who’s In Control – You or Your Technology?
  • Don’t Take Any Risks with Meaningful Use Attestation – Violations Can Lead to Big Fines
  • Could EMR Scribes Make Doctors More Effective in the Exam Room?

• Tags

  5010 accounts receivable attestation collection process David Neagle doctors documentation electronic health record employees Facebook goal setting healthcare consulting HIPAA ICD-10 increase revenue leadership listening meaningful use meaningful use deadlines media medical manager medical office medical practice medical practice management office manager Overwhelm Patient Relations patient satisfaction policies and procedures POMAA PQRI practice management practice manager practice marketing strategies practice operations practice policies provider Reform security security risk assessment social media staff turnover Stin Hansen success Twitter
• 

  

  

« Your Free Recording is Here – Here’s to a Great New Year! | Home | Your Policies and Procedures Are Incomplete If They Don’t Include a Security Risk Management Process »

Know Your Medical Practice Risks – Meaningful Use 15

January 5, 2012

A security risk assessment is a requirement of Meaningful Use attestation (Measure 15), but what exactly does that mean? A security risk assessment is not a new concept.  It is a requirement of the HIPAA Security Rule. But for attestation purposes, you must review your security procedures and ensure that they address current potential, as well as future, risk to your EHR system.

A thorough security risk assessment should include the following components:

1. A review of current security procedures related to your EHR. Be sure to include clinicians and management, as well as IT, in the review process.
2. Risk management procedures in your practice as well as any third parties who have access to information from your EHR system.
3. Threats to not only the confidentiality but also the integrity and availability of protected information.
4. Measures to identify future security risks.
5. A process for integrating continuing security updates.
6. A regular review process to manage future changes.

It’s not enough to merely conduct a security risk assessment, you must also address any security gaps to ensure that your EHRs are fully protected. So, if you’ve identified problems with the security of your EHRs, you should develop a plan and timeline to fix those risks. Only then can you truly meet Measure 15.

Topics: Meaningful Use | No Comments »

Related Articles:

1. The 5 W’s to Implementing the Security Rules for Meaningful Use in Your Practice
2. Meaningful Use Tip to Recording a Problem List
3. Assessing Privacy and Security – Measure 15 of Meaningful Use

Comments

Name (required)

Mail (will not be published) (required)

Website