Follow Us Become a Fan of Practice Manager Solutions on Facebook Follow Rebecca on Twitter Follow Rebecca on LinkedIn Practice Manager Solutions on LinkedIn Practice Manager Solutions on GooglePlus Practice Manager Solutions RSS Feed

« | Home | »

Yes, Practice Manager, I’m Going on Record

November 15, 2012

I’m ending this year by going on record about Meaningful Use attestation – particularly Core Measure #15. Anyone who has worked with me knows that I am continually reminding practice managers who have or are attesting to Meaningful Use that you can’t just attest that you’ve met the criteria of each core measure – you must actually do what you say you’ve done. So, now I’m putting it in writing. I’ve said it before and I’m going to say it one more time:

  1. If you’re attesting to Meaningful Use Core Measure #15 – Conduct a Security Risk Assessment on your EHR system – you must actually complete the Security Risk Assessment. If you haven’t completed it, then DO NOT attest.
  2. It’s not enough to just conduct the Security Risk Assessment, you must also identify potential risks and create a plan for mitigating those risks.
  3. Your plan is worth nothing more than the piece of paper it is printed on unless you work through the list of corrective actions to ensure that every vulnerability in your system is identified and addressed.
  4. Addressing risks is not a one time and you’re done project. You must continually assess your EHR to identify potential future points of risk. You must have a plan for continuous review, maintenance and auditing activity logs.
  5. Have your Security Risk findings been incorporated into your HIPAA Compliance Manual? If not, then the intent of Core Measure #15 has not been fully completed. Update your policy manual with your processes and procedures. Be sure to include your plan for continuous review. A fully documented HIPAA Security Compliance Manual is one of your best defenses in the event of an audit.
  6. Has your workforce been trained? Your workforce is your #1 leak to HIPAA non-compliance. Without proper training, they have the potential to harm your practice either intentionally or unintentionally. This is a requirement under the HIPAA Security Rule.
  7. Finally, DO NOT attest if you haven’t conducted a thorough and effective Security Risk Assessment and gone the extra steps to incorporate the findings into your policies. Plain and simple. You could be committing fraud or worse willful neglect and open your practice to potential corrective action costs and/or fines.

I am here with resources to help you get each and every step of this process completed. In the event of an audit, I can help you with corrective actions, but I can’t help you stand in front of an auditor and explain why you didn’t do what you said you did. If you haven’t yet downloaded our HIPAA Security Risk Checklist, visit our website and download our FREE HIPAA Security Rule and Meaningful Use resources at www.practicemanagersolutions.com. Contact me at info@practicemanagersolutions.com today so we can make sure your practice is protected.

Share and Enjoy:

Topics: EHR Incentive, HIPAA Security Policies, Meaningful Use | No Comments »

Comments

Rebecca on Twitter
  • Coding Common Sense Tips for Medical Practices in 2015

    The importance of coding properly just took on a new relevance for the independent physician who strives to keep up with “big dogs” in the healthcare arena.  Medical practice managaement planning and application of techniques you can glean along the way will help you survive and possibly thrive throughout this year.  Here is some coding common sense to keep you moving forward this year: PQRS Reporting – Many providers received letters from PQRS indicating 1.5% penalty for this year due to not reporting quality measures in 2013. If you did not report PQRS in 2013, be aware that the penalties […]

    KEEP READING »

From My Clients

“From our Facebook page:

The mission and vision at Practice Manager Solutions is to help individual providers stay independent and have the ability to grow their businesses.

Charlotte Rogers commented: And I can testify to this. She does an awesome job”

Charlotte Rogers


Online Payment Solution