Meaningful Use Tip – You Must Update Policies & Procedures Before Attesting to Meaningful Use
Thursday, February 16th, 2012It has been scary here lately to hear Practice Managers answering Yes that they comply with questions for the Security Risk Analysis that is required for Meaningful Use Measure #15 in order to attest. Many of them are stating Yes that they have performed the Security Risk Analysis and know their internal processes for security; however, do not have those processes or policies written. You should know this: Policies and Procedures and Documentation Requirements are part of the Final Rule; and in paraphrasing CFR 164.316(a) you MUST maintain site specific policies and procedures documentation that defines how your organization will [...]
Practice Manager Survey Results – Impact of Meaningful Use and Electronic Health Record Implementation
Thursday, February 2nd, 2012For this week’s Meaningful Use tip I’d like to share with you the results of the Practice Manager Survey we conducted during January. The following are the six survey questions along with a summary of responses: What were your biggest challenges in 2011? 28% – keeping up with changes in compliance measures 28% – transitioning to an EHR/EMR system 14% – managing expenses 30% – miscellaneous “other” items What do you foresee as your biggest challenge in 2012? 57% – transitioning to an EHR/EMR system 43% – preparing for ICD 10 – 5010 migration What’s your main focus for your [...]
Secrets to Registering and Attesting for Meaningful Use
Thursday, January 19th, 2012Did you know that you can register, start attesting and then save and continue later on the CMS attestation site? Well, you do now. It is always a good idea to take your time when filling out critical forms and in this case, it involves your provider’s incentive bonus. You can register here and fill out the information you have gathered so far, save and continue more later: https://ehrincentives.cms.gov/hitech/login.action. Keep in mind that you will need numerators and denominators in order to completely attest, so I recommend having those numbers handy or at least access to a dashboard or reporting [...]
Your Policies and Procedures Are Incomplete If They Don’t Include a Security Risk Management Process
Thursday, January 12th, 2012Patient privacy and confidentiality of medical records is protected by the department of Health & Human Services through the HIPAA Security Rule. And, if your practice is using Electronic Health Record technology (EHR) and/or attesting to Meaningful Use, well-documented Policies and Procedures are at the heart of the HIPAA Security Rule Administrative Guidelines. The very first Administrative Standard refers to the prevention, detection, containment and correction of any security violations. As we’ve discussed over the last few weeks, if you are attesting to Meaningful Use, Measure 15 outlines the requirement of a security risk analysis that addresses potential security gaps [...]
Know Your Medical Practice Risks – Meaningful Use 15
Thursday, January 5th, 2012A security risk assessment is a requirement of Meaningful Use attestation (Measure 15), but what exactly does that mean? A security risk assessment is not a new concept. It is a requirement of the HIPAA Security Rule. But for attestation purposes, you must review your security procedures and ensure that they address current potential, as well as future, risk to your EHR system. A thorough security risk assessment should include the following components: A review of current security procedures related to your EHR. Be sure to include clinicians and management, as well as IT, in the review process. Risk management [...]
« Previous Entries