Practice Management Alert
Worried About Cybersecurity? Consider This New Tool
This new HealthIT.gov assessment tool can help you evaluate your risk. The Office of the National Coordinator for Health Information Technology (ONC) released a new security risk assessment (SRA) tool that is easy to access and use. Background: “The tool is designed to help healthcare providers conduct a security risk assessment as required by the HIPAA Security Rule and the Centers for Medicare and Medicaid Service (CMS) Electronic Health Record (EHR) Incentive Program,” ONC says on its website. The tool is designed to be both easy to use and intuitive. According to the ONC, some of the features of the SRA tool include: The tool is intended to be used as a sort of internal audit — your practice can assess its individual risk without having the results plastered everywhere. “All information entered into the SRA Tool is stored locally to the users’ computer or tablet. HHS does not receive, collect, view, store or transmit any information entered in the SRA Tool. The results of the assessment are displayed in a report which can be used to determine risks in policies, processes and systems and methods to mitigate weaknesses are provided as the user is performing the assessment,” ONC says. Caveat: This tool is designed to be most effective and efficient for smaller organizations. “The target audience of this tool is medium and small providers; thus, use of this tool may not be appropriate for larger organizations,” ONC says. If you used the previous version of this SRA tool — Version 2.0 — you can make small adjustments. “Note that you can’t directly transfer data from 2.0 to 3.0, but can upload certain portions (e.g., lists of assets and BAs),” ONC says. The ONC recommends downloading the former SRA Tool 2.0 and its user guide for more information. For more information on how to download and use the new SRA Tool 3.0, see https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool.
Practice Management Alert
- Billing:
Get the Skinny on Incident-To Billing
Look to Medicare rules for a basic foundation. It’s worth knowing how Medicare handles incident-to [...] - Compliance:
Don't Look to Federal Law if State Law More Stringent
Some states’ rules on patient privacy exceed even HIPAA requirements. It may seem like there’s [...] - Medicare:
Overpayment? It's Too Good To Be True
There’s no such thing as a Medicare windfall, so send any overcompensation back pronto. One [...] - Cybersecurity:
Worried About Cybersecurity? Consider This New Tool
This new HealthIT.gov assessment tool can help you evaluate your risk. The Office of the [...] - Reader Question:
Don't Let Holiday Scheduling Put a Damper on Your Spirit
Question: Our six-clinician practice closes on major holidays, but we still have a rotating on-call [...] - Reader Question:
Look to Prevention for Cold and Flu
Question: I work at the front desk so I’m on the frontline of cold and [...] - Reader Question:
Holiday Décor May Be More Problematic Than Fun
Question: I practice a different religion that most of my colleagues, and our office during [...] - Reader Question:
A Person's Drug Addiction May Qualify As Disability
Question: Is a drug addiction ever considered a disability, and if so, would that mean [...]
