EHR Security Risk Analysis
Medical Incentive Technologies LLC can provide a detailed, written Security Risk Analysis
for medical practices and hospitals in fulfillment of the Medicare Meaningful Use Quality Measure
to "Protect Electronic Health Information Created or Maintained by the Certified EHR Technology"
in accordance with HIPAA standards [CFR 164.308(a)(1)].
Our analysis includes the following areas.
- § 164.308 Administrative Safeguards
- § 164.310 Physical Safeguards
- § 164.312 Technical Safeguards
- Summary of Measures Implemented in Conjunction with the Analysis
- Identification of Measures for Future Resolution
How It's Done
Our consultants partner with your medical practice and your information technology team to both educate and document
security measures you have in place now. Where additional measures are called for, we help you prioritize required
and addressable areas for future implementation projects.
CMS has begun to audit Meaningful Use attestations and in particular, ask for a written copy of the EP or
hospital's Security Risk Analysis. When such documentation is unsatisfactory, CMS may 'claw back' incentive payments
and impose fines.
Medical Incentive Technologies LLC consultants have helped physician practices to enhance security
and HIPAA compliance for over ten years. Our approach includes not just technology but also
addresses the organizational culture issues related to security.