Meaningful Use Compliance: Privacy & Security

To comply with the Meaningful Use Core Objective and Measure for Privacy and Security (and qualify for incentive payments), Eligible Professionals (EPs) must “protect electronic health information created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities”.

As an EP, what do you need to do?

First, EPs must conduct or review a security analysis. Then, based on the results of the analysis, EPs must implement necessary security updates and correct security deficiencies identified in the risk management process.

It is important to note:

There are NO exclusions available to EPs for this measure; and
Not completing the required risk analysis and/or falsely attesting to its completion could result in forfeiture of meaningful use incentive payments and further lead to possible HIPAA violations.

Don’t worry…HITEC-LA is here to help. Our experienced privacy and security experts are on staff and ready to assist you with compliance requirements for the Privacy and Security Measure, as well as all other Meaningful Use Objectives. Just contact your Service Partner today to learn about the full range of services available to you!

Additional information can also be found at the following resources:

Links:

California Office of Health Information Integrity – “Privacy 360” [1]. Note that there is a box on the right hand side labeled “HIPAA Security Tool Kit”
California Office of Health Information Integrity – “Risk Assessment Tool” [2]. This is a free Risk Assessment tool that providers can use to help them meet the Meaningful Use Privacy and Security objective. The tool requires the provider to register, but CalOHII will not have access to their actual data.
Privacy and Security "Training Game” [3]
Recorded Webinar: Managing Risk Exposure in Meaningful Use Stage 2 [4]
Top 10 Myths of Security Risk Analysis [5]

Downloads: