Meaningful Use

Your EHR or EHR components must meet ONC’s standards and implementation specifications, at a minimum, to be certified to support the achievement of meaningful use Stage 1 by eligible health care providers under the EHR Incentive Program regulations. Along with many other criteria, ONC requires that an EHR meet nine security criteria to be certified. \The EHR Incentive Program and the HIPAA Security Rule do not mandate how the risk analysis and updates should be done. Instead, this is left up to the provider or organization. There are numerous methods for performing risk analysis and risk management. Below are commonly recommended steps for performing these tasks:

  1. Identify the scope of the analysis
  2. Gather data
  3. Identify and document potential threats and vulnerabilities
  4. Assess current security measures
  5. Determine the likelihood of threat occurrence
  6. Determine the potential impact of threat occurrence
  7. Determine in the level of risk
  8. Identify security measure and finalize documentation
  9. Develop and implement a risk management plan
  10. Implement security measures
  11. Evaluate and maintain security measures

Let RDI’s experienced security team assist with a professional, independent risk assessment to insure your organization meets Meaningful Use.