Conducting IT risk analysis for HIPAA, meaningful use compliance

Meaningful use requires an IT risk analysis that documents a facility's vulnerabilities. So does HIPAA. Here's advice for completing such analyses and achieving compliance.

Both meaningful use and HIPAA require IT risk analysis for a health care network. Since the Office of the National Coordinator of Health IT (ONC) made risk analysis a meaningful use core measure last year, promoting it from deep within the fine print of the far-reaching HIPAA rule, the topic has suddenly moved to the front burner for CIOs trying to complete meaningful use attestation.

We sat down with the Health Information and Management System Society's HIMSS Analytics executive vice president John Hoyt to discuss recent survey data that shows, among other things, that hospitals are moving forward with IT risk analysis, albeit slowly. He explains why such analyses are important and offers advice for facilities that are developing their own methods and documentation for the IT risk analysis process.

Let us know what you think about the podcast; email Don Fluckinger, Features Writer.

Play now:
Download for later:

IT risk analysis for HIPAA, meaningful use compliance

  • Internet Explorer: Right Click > Save Target As
  • Firefox: Right Click > Save Link As

 

This was first published in November 2011

Dig deeper on Electronic health records security compliance

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.