Security Risk Analysis Tip Sheet

26144
CMS and OCR post on
Security Risk Analysis Tip Sheet

Protect Patient Health Information - Updated March 2016

Conducting or reviewing a security risk analysis to meet the standards of Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule is included in the meaningful use requirements of the Medicare and Medicaid EHR Incentive Programs. Eligible professionals must conduct or review a security risk analysis for each EHR reporting period to ensure the privacy and security of their patients’ protected health information. 

Conducting a security risk analysis is required when certified EHR technology is adopted in the first reporting year. In subsequent reporting years, or when changes to the practice or electronic systems occur, a review must be conducted.

Documents to download

Previous Article Objective 10 of 10 - Public Health Reporting
Next Article EHR Incentive Programs for Eligible Professionals

Leave a comment

This form collects your name, email, IP address and content so that we can keep track of the comments placed on the website. For more info check our Privacy Policy and Terms Of Use where you will get more info on where, how and why we store your data.
Add comment