Monday, March 25, 2013

How Do You Perform An Appropriate Security Risk Analysis?

The Meaningful Use Measures include a Security Risk Analysis.  The Security Risk Analysis evaluates your practice’s compliance with the HIPAA Security Standards.  Failure to complete the Security Risk Analysis can prevent you from collecting the EHR incentive and/or risk the EHR Incentive you do receive in the event of an audit. 

In a disturbing number of situations, practices are not properly completing the Security Risk Analysis.

Wednesday, March 20, 2013

Will HIPAA Omnibus’ Impermissible Disclosure and Use Standards Complicate Your Compliance Efforts?

The HIPAA Omnibus Rules, released in January 2013, will dramatically affect how you manage and deal with the impermissible disclosure and use of Protected Health Information (PHI).  Indeed, the new HIPAA Omnibus rules place a burden on your healthcare organization to analyze and document your review of potential PHI breaches.  As a practical matter, your healthcare organization could be looking at substantial problems complying with these requirements unless you strengthen your monitoring strategy.