Security Risk Analysis Guide
Securing Your Electronic Protected Health Information
As the popularity of electronic health records grows, so does the need for sound security measures to protect patient information. One way to evaluate your practice’s risk is through a security risk analysis. For those of you familiar with Meaningful Use, you have probably heard of this before. For those of you less familiar, a security risk analysis ensures the privacy and security of patients’ protected health information. Regardless if you choose to attest or not, you should be utilizing tools, such as this, to assess your risk and make necessary changes to safeguard patient information.
As part of Meaningful Use, practices must conduct or review a security risk analysis in order to meet the standards of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. Stage 1 of Meaningful Use requires eligible professionals to conduct the analysis, implement necessary updates and correct any identified security deficiencies. For stage 2, these professionals need to meet the same requirements as stage 1 but must also address the encryption/security of data at rest.
While it may be one of the more simple measures to meet, there are still several clinics that struggle to complete this task. To help make the process a bit simpler and provide a free reference tool for all practices, the FoxFire team has put together a quick Security Risk Analysis Guide.
Using this guide, take a few minutes to analyze your security measures and assess your potential risk. Sample answers provided in the guide demonstrate some ways practices are ensuring the information is protected. Please keep in mind, this is only a reference tool to get your practice thinking through the process. It is in no way a guarantee of secure information or compliance with any laws or regulations. It is simply an informative tool to give practices insight into an integral part of adopting electronic health records.