Q&A: We just learned that for Meaningful Use attestation, we have to complete a Security Risk Assessment. What is that and how do we do it?
Answer:
The Security Risk Assessment is a complete and comprehensive evaluation of your practice's HIPAA Security Policies and Procedures. This helps to ensure that practices do have appropriate systems in place to best ensure the integrity and security of electronic Protected Health Information (ePHI).
Without appropriate policies and procedures in place, practices have a much greater risk of inappropriate incident, exposure, access, use, and destruction of ePHI. Not only is this potentially a very costly and damaging hazard to a practice but to patients as well.
Because we operate in an electronic age where information is created, stored, maintained, and transmitted electronically, practices are responsible for implementing appropriate safeguards to minimize risk of this information being inappropriately accessed.
The Security Risk Assessment addresses the administrative, physical, and technical security of your practice and helps you to ensure that adequate policies and procedures are in place and are consistent with the needs of the practice.
Note that the Security Risk Assessment is not only required for Meaningful Use attestation, but is also a required component of HIPAA Security.
You can learn more about the Security Risk Assessment and use a chiropractic specific Security Risk Assessment Tool (SRA Tool), by visiting here. http://compliantchiro.com/security-risk-assessment