Follow Us Become a Fan of Practice Manager Solutions on Facebook Follow Rebecca on Twitter Follow Rebecca on LinkedIn Practice Manager Solutions on LinkedIn Practice Manager Solutions on GooglePlus Practice Manager Solutions RSS Feed

« | Home | »

Yes, Practice Manager, I’m Going on Record

November 15, 2012

I’m ending this year by going on record about Meaningful Use attestation – particularly Core Measure #15. Anyone who has worked with me knows that I am continually reminding practice managers who have or are attesting to Meaningful Use that you can’t just attest that you’ve met the criteria of each core measure – you must actually do what you say you’ve done. So, now I’m putting it in writing. I’ve said it before and I’m going to say it one more time:

  1. If you’re attesting to Meaningful Use Core Measure #15 – Conduct a Security Risk Assessment on your EHR system – you must actually complete the Security Risk Assessment. If you haven’t completed it, then DO NOT attest.
  2. It’s not enough to just conduct the Security Risk Assessment, you must also identify potential risks and create a plan for mitigating those risks.
  3. Your plan is worth nothing more than the piece of paper it is printed on unless you work through the list of corrective actions to ensure that every vulnerability in your system is identified and addressed.
  4. Addressing risks is not a one time and you’re done project. You must continually assess your EHR to identify potential future points of risk. You must have a plan for continuous review, maintenance and auditing activity logs.
  5. Have your Security Risk findings been incorporated into your HIPAA Compliance Manual? If not, then the intent of Core Measure #15 has not been fully completed. Update your policy manual with your processes and procedures. Be sure to include your plan for continuous review. A fully documented HIPAA Security Compliance Manual is one of your best defenses in the event of an audit.
  6. Has your workforce been trained? Your workforce is your #1 leak to HIPAA non-compliance. Without proper training, they have the potential to harm your practice either intentionally or unintentionally. This is a requirement under the HIPAA Security Rule.
  7. Finally, DO NOT attest if you haven’t conducted a thorough and effective Security Risk Assessment and gone the extra steps to incorporate the findings into your policies. Plain and simple. You could be committing fraud or worse willful neglect and open your practice to potential corrective action costs and/or fines.

I am here with resources to help you get each and every step of this process completed. In the event of an audit, I can help you with corrective actions, but I can’t help you stand in front of an auditor and explain why you didn’t do what you said you did. If you haven’t yet downloaded our HIPAA Security Risk Checklist, visit our website and download our FREE HIPAA Security Rule and Meaningful Use resources at www.practicemanagersolutions.com. Contact me at info@practicemanagersolutions.com today so we can make sure your practice is protected.

Share and Enjoy:

Topics: EHR Incentive, HIPAA Security Policies, Meaningful Use | No Comments »

Comments

Rebecca on Twitter

Using Credit to Grow Your Medical Practice-What You Need to Know

Monika Nagy, a Certified Credit Analyst and founder of www.DoctorandDentist.com , and Reney DuBose, experienced licensed credit attorney and co-founder of A & C Consultants and author or “The Guide to Legal Credit Improvement” explains how medical and dental practices need to pay attention to their personal and business credit if they want to grow their medical practice in times of changing healthcare policies.  

KEEP READING »

From My Clients

“Rebecca working with you has been such a pleasure. As you know Practice Managers are far beyond busy and getting the security policies done is so important therefore getting us out of the office to get them done in two days is the only way to do it. Not only did you make it easy for us, you got us out of our offices, provided a lovely environment to work in and we walked away accomplishing an extremely daunting task. Practice Manager Solutions is top notch. Thank you and please keep me informed if you decide to do another workshop.”

Emely Edwards, Dr. Rene Cruz’s Office


Online Payment Solution