It’s no fun, but you have to do it: a HIPAA security risk assessment.
And if you participate in the Medicare Merit-Based Incentive Payment System (MIPS), conducting or updating a risk assessment is a requirement in the Promoting Interoperability category. In order to meet the 2020 performance year requirements, you must complete your security risk assessment (SRA) by Dec. 31. This is not an optional measure.
Thankfully, an upgraded tool from the U.S. Department of Health and Human Services (HHS) might make the assessment easier.
The Security Risk Assessment Tool 3.2, which is free to download and use, is designed to help practices with one to 10 physicians identify their risks and vulnerabilities with electronic protected health information (ePHI) and then implement appropriate security measures.
The enhanced version of the SRA Tool includes new features such as improved navigation throughout the assessment sections, and export options for reports. The updated interface also automatically adapts to fit mobile screens or desktop monitors.
HIPAA requires practices to review and document their administrative, physical, and technical safeguards to regularly protect patients’ ePHI.
For more about HIPAA security safeguards and requirements, visit the TMA website’s electronic health record and HIPAA pages.
Also, TMA’s practice management consultants can provide on-site staff training and compliance walk-throughs.
Plus, TMA offers two on-point continuing medical education courses: HIPAA Training for Medical Office Staff and Complying With HIPAA Security Rule and Texas Data Security Laws. Those courses are free to TMA members, compliments of TMA Insurance Trust.
Last Updated On
October 12, 2020
Originally Published On
October 30, 2018