The HIPAA Security Risk Analysis, also known as a security risk assessment, is a fundamental process required by the HIPAA Security Rule. Health care providers, payers, clearinghouses and Business Associates are all required to conduct a HIPAA SRA. A limited-scope SRA is also required by the Meaningful Use (Advancing Care Information) program. For Meaningful Use, the SRA is required on an annual basis.
According to a recent survey, physicians believe that EHR downtime harms patients. This is supported by the the Office of the National Coordinator of Health Information Technology (ONC), which states that medication errors and other impacts can occur. An effective HIPAA Security Risk Analysis (SRA) will
Read MoreWhat’s going on with new privacy and security objectives for Meaningful Use in healthcare? New MU Stage 2 Rules affirm that an annual Security Risk Analysis (SRA) must be conducted, and that the scope of this SRA may be limited to the data in the EHR.
Read MoreAfter the Oct. 2015 update from CMS, meaningful use and the security objective as this objective has moved from last, Core Measure 15 of 15, to first, Measure 1 of 10. We review what this means for provider in the latest edition of our newsletter.
Read More