As part of the HIPAA requirements, don’t forget that a security risk analysis must be completed prior to attestation. Review CMS FAQ #10754 , and learn more about this meaningful use requirement below. A security risk analysis needs to be done whether you are attesting for Stage 1 or Stage 2. It is part of the Meaningful Use requirements. For more information, read the updated FAQ.
Per CMS:
- Conducting a security risk analysis is required when certified EHR technology is adopted in the first reporting year
- In subsequent reporting years, or when changes to the practice or electronic systems occur, a review must be conducted.
They also provide many helps:
- HIPAA Security Rule
- Stage 1 and Stage 2 requirements
- Security Risk Analysis Tipsheet
- Educational Resources
- ONC’s Security Risk Assessment (SRA) tool
- ONC's User Guide and Tutorial are also available
- Main Medicare/Medicaid EHR Incentive Programs Website
And definitely SUBSCRIBE to their e-News and you will get this sort of news in your in box!
No comments:
Post a Comment