EHRs and HIPAA: Steps to Maintain Privacy and Security of

Patient Data

Program Goals

Introduction

Introduction (cont)

The EHR Incentive Programs

Meaningful Use and Security

HIPAA and HITECH

Step 2: Provide Leadership

Step 2: Leadership (cont)

Step 3: Document Process, Findings and Actions

Step 3: Documentation (cont)

Step 3: Documentation (cont)

Step 4: Conduct a Risk Analysis

Step 4: Risk Analysis (cont)

Step 5: Develop an Action Plan

Step 6: Managing and Mitigating Risk

Step 6: Managing Risk (cont)

Step 6: Managing Risk (cont)

Step 6: Managing Risk (cont)

Step 7: Education and Training

Step 7: Education and Training (cont)

Step 8: Communicate with Patients

Step 8: Communication (cont)

Step 9: Update Business Associate Agreements

Step 9: Business Associates (cont)

Step 9: Business Associates (cont)

Step 10: Attest for the Security Risk Analysis Meaningful Use Objective

Conclusion

Abbreviations

References

References (cont)