HIPAA Security Risk Analysis

The HIPAA Security Risk Analysis, also known as a security risk assessment, is a fundamental process required by the HIPAA Security Rule. Health care providers, payers, clearinghouses and Business Associates are all required to conduct a HIPAA SRA. A limited-scope SRA is also required by the Meaningful Use (Advancing Care Information) program.  For Meaningful Use, the SRA is required on an annual basis.


Sell More to Hospitals with a HITRUST Certification

Sell More to Hospitals with a HITRUST Certification

The Provider Third Party Risk Management Council, made of a consortium of leading hospitals, introduced a new approach to third-party risk management. How can you better serve them? The solution is simple – any vendor of a certain size who wishes to do business with one the member hospitals must successfully complete – and annually maintain — a certification using the HITRUST CSF. Member hospitals will accept a HITRUST certification as evidence of a robust security program. No questionnaires or further dialog is necessary.

Read More
EHRs can Kill Patients

EHRs can Kill Patients

Ten years after the EHR-promoting HITECH Act was passed, many EHRs still struggle with functionality, are not user friendly, don’t “talk to each other”, and even malfunction, according to Fortune and Kaiser Health News. Most of of the time, these issues merely result in frustration among physicians and staff. The Fortune/Kaiser article makes clear that EHR problems are resulting in outcomes far worse — including patient injury, permanent disability and even death. Effective risk analyses will factor the impact of EHR errors.

Read More

Pin It on Pinterest