{"id":813,"date":"2016-11-04T07:00:26","date_gmt":"2016-11-04T13:00:26","guid":{"rendered":"https:\/\/dsiohn098w.mpqhf.org\/blog\/?p=813"},"modified":"2017-03-28T10:21:21","modified_gmt":"2017-03-28T16:21:21","slug":"hts-mu-security-risk-assessments-needed-mu-2","status":"publish","type":"post","link":"https:\/\/dsiohn098w.mpqhf.org\/blog\/hts-mu-security-risk-assessments-needed-mu-2\/","title":{"rendered":"HTS – MU: Security Risk Assessments Needed for More than MU"},"content":{"rendered":"

\"Security-Risks-Assessments-Needed-for-More-than-MU\"<\/p>\n

Security Risk Assessments Needed for More than MU<\/h1>\n

November 4, 2016<\/h5>\n
Written by Patty Kosednar<\/h6>\n

Hey all you meaningful users!\u00a0 As you all know, security risk assessments are a requirement for meeting meaningful use.\u00a0 However, the requirement for them and their importance is greater than just the MU program.\u00a0 Below is information from Susan Clarke, our Health Care Information Security and Privacy Practitioner:<\/p>\n

\u201c2016 is the biggest HIPAA enforcement Year for the Office for Civil Rights (OCR), with over $20 Million in settlements and growing.\u00a0 At the Safeguarding Health Information:\u00a0 Building Assurance through HIPAA Security in 2016<\/em> conference held in Washington, D.C. on October 19-20, incomplete or inaccurate risk analysis was discussed as a deficiency by OCR.\u00a0 Covered Entities and Business Associates need to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information.\u00a0 See 45 C.F.R.164.308(a)(1)(ii)(A).<\/p>\n

Organizations frequently underestimate the proliferation of ePHI within their environments.\u00a0 When conducting a risk analysis, an organization must identify all of the ePHI created, maintained, received or transmitted by the organization.<\/p>\n

In addition, conducting or reviewing a security risk analysis to meet the standards of HIPAA Security Rule is included in the meaningful use requirements of the Medicare and Medicaid EHR Incentive Programs. Eligible professionals must conduct or review a security risk analysis for each EHR reporting period to ensure the privacy and security of their patients\u2019 protected health information.\u00a0 Click here for more information<\/a>.\u201d<\/p>\n

Time is running out to have your security risk analysis completed in 2016, please contact HTS for more information on how we can help provide a SRA for your practice, hospital or nursing home.<\/p>\n

Visit our website for more information on how we can assist you with your SRA.<\/a><\/p>\n

Susan Clarke,\u00a0Health Care Information Security and Privacy Practitioner<\/p>\n

www.gotohts.org<\/a><\/p>\n

307.248.8179<\/p>\n

If you have any questions at all, or run into issues with any of the meaningful use objectives and would like help please use \u00a0the \u201cLeave a Reply\u201d section below, or email Patty Kosednar directly with your questions or comments.<\/p>\n

Other Resource Links<\/strong><\/p>\n

HTS MU Resources<\/a><\/p>\n

CMS 2016 MU Requirements<\/a><\/p>\n

\n

 <\/p>\n

Subscribe to the HTS Meaningful Use Blog<\/strong>
\n Subscribe<\/span><\/a>\n

 <\/p>\n

\n
\n
\n

See a list of upcoming webinars<\/strong><\/p>\n

See a list of upcoming webinars<\/span><\/a>
\n<\/section>\n

\n

Check out any webinars you missed<\/strong><\/p>\n

Check out any webinars you missed<\/span><\/a>
\n<\/section>\n