security risk assessment
DESCRIPTION
Security Risk AssessmentTRANSCRIPT
ABOUT US
CompliancePro SolutionsTM
was founded in 2010 to focus on
the growing need for technology
and services to address patient
privacyand security. Recent
federal and state regulations
have placed increasing demands
on all healthcare organizations,
not only to prevent breaches from
occurring, but also to properly
address them when they do
occur.
CompliancePro SolutionsTM was
founded by Kelly McLendon and
Paul Albrecht, who bring a
combination of world-class HIM
and privacy expertise, coupled
with a strong track record of
building industry leading IT
solutions for healthcare.
• MS-Excel based Assessment tool with automated, flexible scoring and both pull down and free text answers
• Flexibility to tailor your assessment by type of organization, Covered Entity (CE) or Business Associate (BA) and venue of care from inpatient to ambulatory (including physicians’ offices)
• Automated flagging of high and low priority security gaps and documentation of followup action items.
• Do it yourself, utilize one of our certified partners or engage CompliancePro SolutionsTM to perform your assessment
• Reference library available with policy, form and educational materials
ARRA / HITECH has created Meaningful Use criteria
required in order to receive incentive funding for certified
EHR system adoption. This criteria includes a requirement
for a HIPAA Security Risk Analysis*. CompliancePro
Solutions has created an easy to use tool that enables
healthcare organizations to accurately attest that a
security risk analysis has been performed.
* The actual meaningful use criteria language for both Eligible Providers and Hospitals
is: “Protect electronic health information created or maintained by the certified EHR
technology through the implementation of appropriate technical capabilities – Measures
– Conduct or review a security risk analysis per 45 CFR 164.308(a)(1) (HIPAA) and
implement security updates as necessary and correct identified security deficiencies as a
part of it’s risk management process
HHS has well defined, through the HIPAA Security Rule and various publications adopting NIST standards, the subject matter areas and content of security risk assessments. However, even though details have been published there is a wide latitude of possible questions to be asked, which tends to allow for more or less complicated assessments. Although each organization is required to answer or address each area in the assessment, the depth to which many of the criteria are evaluated is open to tailoring.
CompliancePro SolutionsTM has taken the many sources of information published by the government and created a flexible HIPAA security risk assessment program. This program can, like our privacy assessment program, be tailored to your organization, whether a CE or BA, inpatient or ambulatory (including physicians office) and performed by yourself, one of our certified partners or CompliancePro SolutionsTM.
A S O L U T I O N F O R Y O U R S E C U R I T Y R I S K A S S E S S M E N T N E E D S
CompliancePro SolutionsTM HIPAA Security Risk Assessment
CompliancePro SolutionsTM HIPAA Privacy &
Security Risk Assessment programs include:
Florida - East Coast OfficeChuck [email protected]