Protect Electronic Health Information

From the HealthIT.gov website. What should I do to protect electronic health information? | Providers & Professionals | HealthIT.gov

When attesting to meaningful use, you are required to meet the core measures each year, which includes another security risk assessment. It is important not to skip this step, as it could result in having to pay back any incentive money you received.

Objective:

Protect electronic health information created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities.

Measure:

Conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308(a)(1) and implement security updates as necessary and correct identified security deficiencies as part of its risk management process.

Clinical Importance

Maintaining the confidence of the personal health information of patients is an old and sacred responsibility for clinicians. One concern many practices have with implementing EHRs is the ability to provide the right amount of security for their patients records. Applying safeguards found in The HIPAA Privacy Rule can assist in avoiding common security gaps that lead to cyber attack or data loss which can help protect the people, information, technology, and practices.

Cms Resources

The following resources are available to help you meet the Protect Electronic Health Information meaningful use core measure:

CMS EHR Incentive Program Frequently Asked Questions

Lessons from the Field