Follow Us Become a Fan of Practice Manager Solutions on Facebook Follow Rebecca on Twitter Follow Rebecca on LinkedIn Practice Manager Solutions on LinkedIn Practice Manager Solutions on GooglePlus Practice Manager Solutions RSS Feed

« | Home | »

Yes, Practice Manager, I’m Going on Record

November 15, 2012

I’m ending this year by going on record about Meaningful Use attestation – particularly Core Measure #15. Anyone who has worked with me knows that I am continually reminding practice managers who have or are attesting to Meaningful Use that you can’t just attest that you’ve met the criteria of each core measure – you must actually do what you say you’ve done. So, now I’m putting it in writing. I’ve said it before and I’m going to say it one more time:

  1. If you’re attesting to Meaningful Use Core Measure #15 – Conduct a Security Risk Assessment on your EHR system – you must actually complete the Security Risk Assessment. If you haven’t completed it, then DO NOT attest.
  2. It’s not enough to just conduct the Security Risk Assessment, you must also identify potential risks and create a plan for mitigating those risks.
  3. Your plan is worth nothing more than the piece of paper it is printed on unless you work through the list of corrective actions to ensure that every vulnerability in your system is identified and addressed.
  4. Addressing risks is not a one time and you’re done project. You must continually assess your EHR to identify potential future points of risk. You must have a plan for continuous review, maintenance and auditing activity logs.
  5. Have your Security Risk findings been incorporated into your HIPAA Compliance Manual? If not, then the intent of Core Measure #15 has not been fully completed. Update your policy manual with your processes and procedures. Be sure to include your plan for continuous review. A fully documented HIPAA Security Compliance Manual is one of your best defenses in the event of an audit.
  6. Has your workforce been trained? Your workforce is your #1 leak to HIPAA non-compliance. Without proper training, they have the potential to harm your practice either intentionally or unintentionally. This is a requirement under the HIPAA Security Rule.
  7. Finally, DO NOT attest if you haven’t conducted a thorough and effective Security Risk Assessment and gone the extra steps to incorporate the findings into your policies. Plain and simple. You could be committing fraud or worse willful neglect and open your practice to potential corrective action costs and/or fines.

I am here with resources to help you get each and every step of this process completed. In the event of an audit, I can help you with corrective actions, but I can’t help you stand in front of an auditor and explain why you didn’t do what you said you did. If you haven’t yet downloaded our HIPAA Security Risk Checklist, visit our website and download our FREE HIPAA Security Rule and Meaningful Use resources at www.practicemanagersolutions.com. Contact me at info@practicemanagersolutions.com today so we can make sure your practice is protected.

Share and Enjoy:

Topics: EHR Incentive, HIPAA Security Policies, Meaningful Use | No Comments »

Comments

Rebecca on Twitter

The Hidden Liability That Could Bite Your Physicians Hard

Few practice managers are aware that their retirement plan could hold one of the largest personal financial risks in their practice. To understand why, you need to learn the term “fiduciary.” A fiduciary is someone in a special position of trust on whom others rely. On a qualified retirement plan like a 401(k), 403(b) or cash balance plan, fiduciaries are those involved in decisions on the plan, including the plan trustees, committee members and usually the CEO, CFO and head of H.R. As practice manager, you may also be a fiduciary. One fiduciary is always named in the plan document, […]

KEEP READING »

From My Clients

“From our Facebook page:

The mission and vision at Practice Manager Solutions is to help individual providers stay independent and have the ability to grow their businesses.

Charlotte Rogers commented: And I can testify to this. She does an awesome job”

Charlotte Rogers


Online Payment Solution