Archive for the Risk Analysis for Meaningful Use Category

Colorado hospital failed to terminate former employee’s access to ePHI

Colorado hospital failed to terminate former employee’s access to ePHI

Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security rules requires all healthcare covered entities and their business associates to conduct security risk analysis of their IT infrastructure annually and with any change in process or system. As part of HIPAA rules, all covered entities and their business associates are required to have proper procedure in place to terminate any employees.
Pagosa Springs Medical Center (PSMC) has agreed to pay $111,400 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services and to adopt a substantial corrective action plan to settle potential HIPAA violations

Read more

Security Risk Analysis for 2018 MACRA/MIPA Reporting

The Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) replaced three quality programs (the Medicare Electronic Health Record (EHR) Incentive program, the Physician Quality Reporting System (PQRS), and the Value-Based Payment Modifier (VM) with the Quality Payment Program. This one program will give Medicare physicians and clinicians a chance

Read more

HIPAA Compliance 2016 Year in Review

Planning for the upcoming year is a chance to review the main developments in Healthcare IT HPAA Compliance from 2016 that will affect providers, business associates, and patients. Priorities remain to uphold confidentiality, integrity, and availability of patient data, factoring in the latest proceedings in technological and

Read more

Vote for EHR 2.0 submission for creating online privacy practice notice

EHR 2.0’s team is participating in ONC challenge to create online notice of privacy practice entry.  Our online application requires only few minutes of customization by Covered Entities to create notice of privacy practices that they could provide to their patients via mobile, web or other end-user

Read more

HIPAA Security Vulnerability

What is the Heartbleed bug? The Heartbleed bug is a serious vulnerability in the popular OpenSSL cryptographic software library. OpenSSL is an implementation of the SSL/TLS encryption protocol used to protect the privacy of Internet communications between two parties.  Many websites and applications like email, Instant messaging

Read more

Microsoft ending support of Windows XP operating system

 If your healthcare practice runs any computers with Windows XP, you will face  considerably increased risk of data breaches and HIPAA violations in less than 24  hours.  Beginning April 8th, 2014 @ 11:59pm EST, Microsoft will no longer provide  security patches / updates for Windows XP, which is expected to magnify the

Read more

10 Myths and Facts about HIPAA and Meaningful Security Risk Analysis

Conducting  a security risk analysis to meet the standards of Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule is included in the meaningful use requirements of the Medicare and Medicaid EHR Incentive Programs. The following areas addresses some of the common myths about conducting

Read more

Do I need to address all identified security risks?

Before conducting meaningful security risk analysis of ePHI, it is important that practitioners clearly understand the terminologies: Risk is the level of exposure and potential impact of threats on the confidentiality, integrity, and availability of electronic Protected Health Information (ePHI). Threats are all factors that can have a

Read more

Meaningful Use Risk Analysis Scope

Identifying the scope for Meaningful Use security risk analysis starts with understanding the flow of your electronic Protected Health Information.  According to HHS guidelines, the following personal information (18 identifiers), when combined with clinical data, becomes Protected Health Information (PHI), which is the scope of security risk

Read more