Meaningful Use and Risk Analysis - What It Means and How to Get Started
Overview:
An accurate assessment of potential risks is essential to your entity's health in relation to ongoing compliance with privacy and security regulations.
If you use, disclose or store ePHI (electronic Protected Health Information), HIPAA's Security Rule mandates that covered entities and business associates periodically conduct a Risk Analysis. The Security Rule describes the Risk Analysis as including "an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of electronic Protected Health Information." This also applies to non-electronic PHI per the HIPAA Privacy Rule.
To prove meaningful use and take advantage of EHR incentive dollars (Medicare Part B, Medicare Advantage and Medicaid incentives), you must conduct a Risk Analysis.
Stage 1 requirements for EHR (electronic health record) meaningful use for eligible professionals or eligible hospitals and critical access hospitals (CAHs) include protecting electronic health information as a core objective. CMS measures whether or not an entity meets the core objective based on that entity's completion of a Risk Analysis that satisfies the conditions of the associated Code of Federal Regulations.
This webinar will assist hospitals and EPs in understanding the Risk Analysis cycle, including:
- Data collection
- Prioritized asset inventory review
- Threat and vulnerability identification
- Existing security control evaluation
- Impact and cost assessment
- Risk Level Assignment
Areas Covered in the Session:
- Meaningful Use EHR incentives overview
- Risk analysis attestation
- HIPAA Security Rule risk analysis and risk management requirements overview
- Review of risk analysis methodology (step-by-step)
- Review of an risk analysis policy and procedure
- Evaluation of existing controls
- Likelihood and Impact
- Risk Level Assignment
- Mitigation and Documentation
- Risk Management
- Resources
Who Will Benefit:
- Health Care Professionals
- Practice and HIM Management
- CIOs
- Privacy Officers
- Security Officers
- Risk Managers
- Compliance Officers
- Legal Counsel
- Human Resources