Meaningful Use audits are happening and NCG wants you to be prepared and prevent your practice for being at risk of losing EHR meaningful use incentive money.
The Centers for Medicare and Medicaid Services (CMS) require practices to protect electronic health information. This requirement is listed in Meaningful Use Core Measure #15. It states that a practice must have, “proof that a security risk analysis of the certified EHR technology was performed prior to the end of the reporting period.”
Is your practice ready for a security risk assessment audit from CMS?
Following the security risk assessment rules is not difficult, but step one is to make sure the procedures are readily available and regularly followed by your staff.
Here are some key items to consider:
• Have ready documentation that procedures are being followed
• Make sure your office staff knows exactly where the assessment document is and are aware of the procedures
• Conduct informal trainings to make sure the entire staff is aware
For more tips on how to strengthen your security risk assessment, visit http://www.healthit.gov/providers-professionals/achieve-meaningful-use/core-measures/protect-electronic-health-information.
The process is straightforward, but needs to be done! CMS provides guided templates for practices security risk assessments, http://www.healthit.gov/providers-professionals/ehr-implementation-steps/step-2-plan-your-approach.
If you have questions about the validity of your security risk procedures, please contact 800-959-1906.