CSS3 Button Css3Menu.com



Meaningful Use Security Risk Analysis


One of the meaningful use core (mandatory) objectives for Eligible Professionals is to protect electronic health information created or maintained by your certified EHR. There are no exclusions to this objective so all Eligible Professionals must complete this objective. To successfully attest to this objective you must anwser "yes" which means you have actually conducted a Security Risk Analysis during the reporting period for which you are attesting. Specifically the measure for the objective is to conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308 and implement security updates as necessary and correct identified security deficiencies.


To successfully attest for meaningful use you must conduct or reivew a security risk analysis of your certified EHR and implement updates as necessary at least once before the end of the reporting period for which you are attesting. Review of the Security Risk Analysis must then take place before the end of each reporting period that follows. Security updates are required when any security deficienceis or breeches are identified during a risk analysis.


If you are audited for a certain reporting period and you fail to meet this objective you will have to return to CMS any meaningful use incentive payments earned for that reporting period.


One of our sponsors, Bits & Bytes Inc, is available to help doctors successfully perform a Security Risk Analysis. This is available at a very reasonable cost and is based on the number of providers, number of office locations, as well as the technical capabilities and knowledge of your office. This can be a simple process or a more complex process based on your office environment. Please contact Bits & Bytes Inc. to help you meet this objective.