Privacy & Security

As a medical provider you are required to protect electronic health information created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities.

Meaningful Use requires you to:
Conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308(a)(1) and implement security updates as necessary and correct identified security deficiencies as part of its risk management process.

The Health Insurance Portability and Accountability Act (HIPAA) – Privacy and Security Rules, require providers to implement policies and procedures that will keep patients health information private and secure.

  • Reporting breaches of electronic health records
  • Access to electronic health records during an emergency
  • Role based access
  • Data encryption
  • Wireless security
  • Anti-virus usage
  • Firewall usage
  • System downtime
  • Password management
  • Data storage on transportable media
  • Data backup and restoration

For a refresher presentation on HIPAA Privacy and Security Compliance click here.

References and resources