This Is Frightening!
Happy October,
Time is rapidly speeding by. It’s time for ghosts, ghouls, and even more daunting; can you believe we are already in our 4th Quarter for MIPS? Attestation is around the corner, and we want to remind you that your Security Risk Analysis is a requirement for the program. If you have not reviewed or made any applicable changes/updates to your current analysis, now is the time to act.
A security risk analysis identifies, assesses, and assists with the implementation of essential security controls in applications. HIPAA Security Rule created the parameters of the security risk analysis that aim to protect electronic personal health information. This rule requires the assurance that confidentiality, integrity, and security comply with the requirements. When any high-risk threats are identified, an organization must focus efforts on preventing application security defects and vulnerabilities
Organizations must ensure that all potential risks and vulnerabilities to the confidentiality, availability, and integrity of ePHI that an organization creates, receives, maintains, or transmits are assessed.
Security standards include:
- Administrative Safeguards
- Physical Safeguards
- Technical Safeguard
- Organizational Requirements and
- Policy/Procedure Requirements
Additional guidance surrounds specifics within the security rule can be accessed through the link provided at HHS.gov.
CMS specifications surrounding this requirement provide valuable information and helpful links available for use as you prepare and review.
What approach have you taken to prepare for the 2021 MIPS reporting year? Have tips of your own? Share them with us in the comments section below. We would love to hear from you.
