The primary purpose of security risk analysis for Meaningful Use/MIPS is to identify key technical vulnerabilities in the electronic Protected Health Information (ePHI) and EHR systems environments. In order to implement appropriate technical controls, eligible professionals and hospitals need to conduct a security risk analysis in accordance with the requirements under HIPAA security rule 45 CFR 164.308(a)(1), apply security updates as necessary, and correct identified security deficiencies as part of their risk management process before MU/MIPS attestation deadline.
The Office of the National Coordinator for Health Information Technology (ONC) recognizes that conducting a risk assessment can be a challenging task which requires outside assistance. Attend our free, live 50-minute webinar to learn about how to prepare and attest to Meaningful Use/MIPS Security Risk Analysis requirements.
Latest posts by EHR 2.0 (see all)
- FDA CFR Part 11 Compliance and Benefits - February 20, 2019
- Data Protection Officer (DPO) and GDPR Compliance - February 11, 2019
- Colorado hospital failed to terminate former employee’s access to ePHI - December 12, 2018