How to Leverage HIPAA for Meaningful Use

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "How to Leverage HIPAA for Meaningful Use"

Transcription

1 How to Leverage HIPAA for Meaningful Use The overlap between HIPAA and Meaningful Use requirements 2015 SecurityMetrics

2 How to Leverage HIPAA for Meaningful Use 2 About this ebook Who should read this ebook? Officers, practitioners, and managers in charge of HIPAA compliance and data security in small, medium, and large covered entities Anyone involved in Meaningful Use Incentive Program attestation What does this ebook include? A brief overview of HIPAA and Meaningful Use Overlap of Meaningful Use and HIPAA requirements Instructions on how to accomplish data security requirements for HIPAA and Meaningful Use Who is SecurityMetrics? SecurityMetrics has helped over one million organizations comply with HIPAA, PCI DSS, and other mandates. Our solutions combine innovative technology that streamlines validation with the personal support you need to fully understand compliance requirements. You focus on the business stuff we ve got compliance covered. Learn more about us at

3 How to Leverage HIPAA for Meaningful Use 3 Introduction No matter the size of your healthcare organization you have many requirements, mandates, laws, policies, etc. to comply with and worry about. This is all on top of providing health care services to patients, the reason you got into healthcare in the first place. As most of you know, covered entities that handle protected health information (PHI) are required to comply with the Health Insurance Portability and Accountability Act (HIPAA). Many healthcare professionals like you and the entities you work for also participate in Medicare and Medicaid EHR Incentive Programs. Both HIPAA and Meaningful Use s complex and time consuming requirements fall under the other stuff on your to do list. How this ebook helps This ebook covers the overlap between HIPAA and Meaningful Use, including two important security protocols to help protect patient data. The goal of this ebook is to help you save time, money, and other resources by leveraging your HIPAA compliance requirements for Meaningful Use attestation.

4 How to Leverage HIPAA for Meaningful Use 4 Meaningful Use Basics What is Meaningful Use? The Centers for Medicare and Medicaid Services (CMS) created incentive programs, commonly known as Meaningful Use, to encourage practices and hospitals to handle all their records electronically. Eligible professionals (EP), eligible hospitals (EH), and critical access hospitals (CAH) can qualify for Meaningful Use programs. You are only allowed to participate in one incentive program, so if you qualify for both the Medicare and Medicaid EHR Incentive Programs you must choose which program to participate in. Meaningful Use programs are divided into three stages. Each new stage increases requirements and measures to further practice and hospital implementation of their Certified EHR Technology (CEHRT). The CEHRT is the actual system used to electronically handle PHI. Meaningful Use Alphabet Soup CMS = Centers for Medicare and Medicaid Services EHR = Electronic Health Records CEHRT = Certified EHR Technology CQMs = Clinical Quality Measures EP = Eligible Professional EH = Eligible Hospitals CAH = Critical Access Hospitals NQS Domains = National Quality Strategy Domains

5 How to Leverage HIPAA for Meaningful Use 5 Incentive Amounts The incentive payments are what makes going through the pain of CEHRT implementation and Meaningful Use attestation worth it. We don t like to call these kickbacks, but that s kind of what they are. Essentially, the government gives you money to become CEHRT users and Meaningful Use participants. Maximum payout for EPs in the Medicare Incentive Program if you started in 2011 is $43,720. See tables 1 and 2 for more detailed information. Incentive payments for EHs and CAHs are more complicated than for EPs. Medicare and Medicaid payments have a maximum payout of $6,370,400 for EHs and CAHs. See EHR Incentive Program for Medicare Hospitals: Calculating Payments and Medicaid Hospital Incentive Payments Calculations for a detailed breakdown of the formulas. Payments for Eligible Professionals Table 1 Medicare Payments* 2011 $43, $43, $38, $23,520 *Based on the year you start program Table 2 Medicaid Payments Year 1 $21,250 Year 2-6 $8,500 Max payout $63,750

6 How to Leverage HIPAA for Meaningful Use 6 Stages and Measures Each attestation stage has a number of measures that EPs, EHs, and CAHs must complete and attest to each year. These measures are broken into three categories: core measures, menu measures, and clinical quality measures. Core measures are all required. Healthcare organizations must choose a certain number of menu objectives to complete. For example, in Stage 1 EPs must meet 5 menu measures from a total list of 9. Which stage are you in? See which stage you are in based on your program participation start year. 1st year Stage of Meaningful Use TBD TBD TBD TBD In addition to core and menu measures, there are clinical quality measures (CQMs). CQMs are tools that help measure and track the quality of health care services provided by EPs, EHs, and CAHs. Starting in 2014, the CQMs chosen must cover at least 3 of the 6 National Quality Strategy (NQS) domains. NQS domains represent the Department of Health and Human Services (HHS) priorities for health care quality improvement. To receive an incentive payment, providers are required to submit CQM data from their CEHRT. Table 3 Measures for EP EH and CAH Stage 1 Stage 2 Stage 1 Stage 2 Core measures Menu measures Clinical quality measures 5 of 9 3 of 6 5 of 10 3 of 6 9 of 64 9 of 64 All of TBD TBD TBD TBD TBD TBD TBD TBD TBD TBD

7 How to Leverage HIPAA for Meaningful Use 7 Data Security Measures Stage 1 Data Security Measure Within the measures that organizations must attest to, there are a few measures that specifically cover data security. Because we are discussing how Meaningful Use relates to HIPAA, specifically the Security Rule, it s important you understand these measures. On the Meaningful Use worksheets, it lists an objective for each measure. The data security core objective (measure 13 for EPs and 12 for EHs and CAHs) is protect electronic health information created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities. The measure for this objective is conduct or review a security risk analysis in accordance with the requirements under 45 CFR (code of federal regulations) (a) (1) and implement security updates as necessary and correct identified security deficiencies as part of its risk management process. The CFR requirement referenced in the measure is the HIPAA risk analysis requirement. Based on how these Meaningful Use measures are written, you can see that Meaningful Use and HIPAA are related. We ll discuss how they are related in more detail in other sections. Stage 2 Data Security Measure In Stage 2, the data security objective is essentially the same as Stage 1 (measure 9 for EPs and 7 for EHs and CAHs), but the measures are expanded. Not only are EPs, EHs, and CAHs required to conduct or review a security risk analysis, they are to implement security updates as necessary and correct identified security deficiencies as part of the provider s risk management process. In HIPAA this is commonly known as a risk management plan. We ll discuss the risk

8 How to Leverage HIPAA for Meaningful Use 8 management plan more in the HIPAA section. CMS also added another HIPAA requirement in the measure for Stage 2, which is addressing the encryption/security of data stored in CEHRT in accordance with requirements under 45 CFR (a)(2)(iv) and 45 CFR (d)(3). Encryption protects sensitive data that is stored or transmitted to make it unreadable. How encryption works: 1. Data is entered into the computer 2. Before the data is stored/ transmitted, it is transformed into unreadable code 3. Only with a special key does the data become readable once again

9 How to Leverage HIPAA for Meaningful Use 9 Does Meaningful Use Make Sense for You? Although the idea of an incentive program is likely appealing, some professionals are starting to bail out. One reason is there are penalties if EPs, EHs, and CAHs can t meet the measures and CQMs. The penalties for Meaningful Use really boil down to reduced Medicare or Medicaid payments of anywhere between 1-5%. A lot of the smaller physicians we talk to bill around $100,000 a year to Medicaid and Medicare. If they lose 1% of those payments, that s $1,000 per year. If they lose up to 5%, that s $5,000 per year. Does it make sense for them to spend the money and time it takes to complete those Meaningful Use attestations? This is a big question for some providers, especially smaller ones. Incentive program participation decreased 17% in Participants decided it wasn t worth the effort, so they bailed out in We recommend you take a look at your Medicaid and Medicare payments and do what makes sense for your practice.

10 How to Leverage HIPAA for Meaningful Use 10 HIPAA Basics HIPAA Components Most people in the healthcare industry are familiar with the purpose of HIPAA compliance, but not everyone realizes the HIPAA standard is actually a combination of three separate rules: the Privacy Rule, Security Rule, and Breach Notification Rule. Security Rule The Security Rule sets standards for protecting PHI that is stored or transmitted in electronic form. The Security Rule is designed to be flexible and scalable to accommodate healthcare providers of all sizes and technology sophistication. Privacy Rule The Privacy Rule addresses appropriate PHI use and disclosure practices by healthcare organizations, and designates the right for individuals to understand and control how their medical data is used. Breach Notification Rule The Breach Notification Rule details the actions that must take place and the parties that must be notified in the event of a PHI breach.

11 HIPAA Survey by NueMD In October 2014, NueMD conducted a survey of more than 1,100 healthcare professionals to gauge their knowledge of HIPAA and preparedness for an audit. The results showed that only 35% said their business had conducted a mandatory HIPAA risk analysis. How to Leverage HIPAA for Meaningful Use 11 HIPAA Risk Analysis The risk analysis is the keystone of Security Rule compliance and data security efforts. The purpose of the risk analysis is to help covered entities identify and document potential security risks. Every security effort your organization needs to make will be determined by your risk analysis, so it s critical to conduct a complete and thorough analysis. HIPAA Risk Management Plan The risk management plan is the end result of a risk analysis. Your risk management plan should include all the risks found during your risk analysis and how you will evaluate, prioritize, and implement security controls to remediate these risks.

12 How to Leverage HIPAA for Meaningful Use 12 Meaningful Use and HIPAA Overlap Two Birds With One Stone Will your Meaningful Use attestation count 100% for HIPAA compliance? No. Will HIPAA compliance count 100% for Meaningful Use attestation? No. There is no complete overlap between Meaningful Use and HIPAA. However, there is enough overlap to make a significant impact. A risk analysis is one main requirement that applies to both Meaningful Use and HIPAA. Common Risk Analysis Questions Both HIPAA and Meaningful Use require a risk analysis. All stages of Meaningful Use include some element of a risk analysis and data security. Will your Meaningful Use risk analysis cover your HIPAA risk analysis? Unfortunately, too often the answer is, no. Entities get hung up on thinking that Meaningful Use is focused just on the CEH- RT. Will your HIPAA risk analysis cover your Meaningful Use risk analysis? Normally yes, as long as you ve done a complete and thorough analysis. The HIPAA risk analysis encompasses the CEHRT, as well as all PHI including paper records, s, calendars, other systems, etc. Because the risk analysis includes the CEHRT it also counts for Meaningful Use measures.

13 How to Leverage HIPAA for Meaningful Use 13 Risk Analysis Deep Dive Elements of a Risk Analysis Let s make sure we are on the same page when we talk about a risk analysis. A risk analysis finds security issues in your PHI environment through the analysis of 3 components: vulnerabilities, threats, and risks. those systems. But you also need to be aware of threats within your own internal systems. Technically, your staff is a threat. A workforce member could unintentionally or intentionally do something to trigger one of your vulnerabilities. A vulnerability is a flaw or weakness in a system, procedure, implementation, or security control that could result in a security breach. Vulnerabilities can be either technical or non-technical. Technical vulnerabilities can be holes, flaws, or weaknesses in IT systems. Non-technical vulnerabilities can be ineffective or non-existent procedures, policies, standards, and guidelines. Vulnerability = a flaw or weakness in a system, procedure, or security control that could result in a security breach. A threat is some force or person that might intentionally or unintentionally trigger a specific vulnerability. Oftentimes threats are thought of in terms of computer systems and attackers exploiting Threat = some force or person that might intentionally or unintentionally trigger a specific vulnerability.

14 How to Leverage HIPAA for Meaningful Use 14 Risk is the likelihood that one of these threats accidentally or intentionally triggers the vulnerability. Risks are really what auditors look at during HIPAA audits. A risk analysis identifies vulnerabilities that expose your organization to potential risk. This will help you determine and prioritize the most threatening risks to take care of first and which risks may not even be worth addressing in your risk management plan. The HHS hasn t given a specific risk analysis process to use but did suggest using the NIST guide. Risk Analysis Process Identify the scope of the analysis Gather data Identify and document potential vulnerabilities and threats Assess current security objectives Determine the likelihood of threat occurrence Determine the potential impact of threat occurrence Determine the level of risk Identify security objectives and finalize documentation

15 How to Leverage HIPAA for Meaningful Use 15 Remediating Risks Deep Dive Risk Management Plan Both Meaningful Use and HIPAA require you to correct your security problems. The HHS recognizes that many organizations are not completely secure. They understand most of us have risks we haven t fully remediated. They just want to see forward movement with HIPAA and patient data security. Encrypt, Encrypt, Encrypt Meaningful Use Stage 2 expanded patient data security requirements even further. Not only do you need to remediate risks found during the risk analysis, but you also need to include encryption and security of data stored in the CEHRT. While speaking at the HIMSS Privacy and Security Forum, Linda Sanches from HHS spoke about encryption as her most important advice to avoid a breach. Encryption needs to go beyond the CEHRT and is required for all stored data under HIPAA. Based on the HHS Wall of Shame data as of 2014, nearly 55% of breaches were caused by loss or theft. Not all of these breaches could have been avoided by enabling encryption, but many could have.

16 How to Leverage HIPAA for Meaningful Use 16 Conclusion We ve learned that your HIPAA risk analysis will cover your Meaningful Use risk analysis requirement. We ve also learned that both HIPAA and Meaningful Use require you to secure your patient data. We are not sure what the Meaningful Use Stage 3 core measures will be, but it is safe to say there will be a requirement based on protecting patient data that will overlap with HIPAA. Although Meaningful Use attestation comes down to checking a yes or no box, there is a lot that goes into that one check box. It is important to go through a complete and thorough risk analysis, remediate risks, and implement encryption, so you can truly say you re protecting patient data. SecurityMetrics gave me the support and help to quickly review my HIPAA compliance. A great and easy experience. HIPAA compliance can be a complicated and timeconsuming project. SecurityMetrics HIPAA services help you tackle compliance with simple steps at your own pace. Contact us for a free HIPAA compliance consultation. David Hunt Elevate Fitness and Rehab I

Guidance on Risk Analysis Requirements under the HIPAA Security Rule

Guidance on Risk Analysis Requirements under the HIPAA Security Rule Guidance on Risk Analysis Requirements under the HIPAA Security Rule Introduction The Office for Civil Rights (OCR) is responsible for issuing annual guidance on the provisions in the HIPAA Security Rule.

More information

Sunday March 30, 2014, 9am noon HCCA Conference, San Diego

Sunday March 30, 2014, 9am noon HCCA Conference, San Diego Meaningful Use as it Relates to HIPAA Compliance Sunday March 30, 2014, 9am noon HCCA Conference, San Diego CLAconnect.com Objectives and Agenda Understand the statutory and regulatory background and purpose

More information

HIPAA Security Risk Analysis for Meaningful Use

HIPAA Security Risk Analysis for Meaningful Use HIPAA Security Risk Analysis for Meaningful Use NOTE: Make sure your computer speakers are turned ON. Audio will be streaming through your speakers. If you do not have computer speakers, call the ACCMA

More information

HITRUST CSF Assurance Program

HITRUST CSF Assurance Program HITRUST CSF Assurance Program Simplifying the Meaningful Use Privacy and Security Risk Assessment September 2010 Table of Contents Regulatory Background CSF Assurance Program Simplifying the Risk Assessment

More information

Meaningful Use and Security Risk Analysis

Meaningful Use and Security Risk Analysis Meaningful Use and Security Risk Analysis Meeting the Measure Security in Transition Executive Summary Is your organization adopting Meaningful Use, either to gain incentive payouts or to avoid penalties?

More information

Guided HIPAA Compliance

Guided HIPAA Compliance Guided HIPAA Compliance HIPAA Solutions for Office Managers and Practitioners SecurityMetrics We protect business Since its founding in 2000, privately-held SecurityMetrics has grown from a small security

More information

Minnesota EHR Incentive Program (MEIP) 2015 2017 Program Year Timeline for EPs, EHs and CAHs. Updated November 2015

Minnesota EHR Incentive Program (MEIP) 2015 2017 Program Year Timeline for EPs, EHs and CAHs. Updated November 2015 Minnesota EHR Incentive Program (MEIP) 2015 2017 Program Year Timeline for EPs, EHs and CAHs Updated November 2015 Glossary CAH Critical access hospitals CEHRT Certified electronic health record technology

More information

Stage 2 Meaningful Use

Stage 2 Meaningful Use Stage 2 Meaningful Use Stage 2 Topics Overview 2014 Reporting Changes Medicaid Provider Eligibility Measures Overview Core Objectives Comparison Menu Objectives Comparison Clinical Quality Measures 2 High

More information

Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use

Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use Click to edit Master title style Decrypting the Security Risk Assessment (SRA) Requirement for Meaningful Use Andy Petrovich, MHSA, MPH M-CEITA / Altarum Institute April 8, 2015 4/8/2015 1 1 Who is M-CEITA?

More information

HIPAA Security. 6 Basics of Risk Analysis and Risk Management. Security Topics

HIPAA Security. 6 Basics of Risk Analysis and Risk Management. Security Topics HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical

More information

SecurityMetrics Business Associate HIPAA compliance program

SecurityMetrics Business Associate HIPAA compliance program SecurityMetrics Business Associate HIPAA compliance program IS YOUR PHI SAFE? Business associates help your business succeed, but are they a liability? When your BAs are not HIPAA compliant, your business

More information

Trust 9/10/2015. Why Does Privacy and Security Matter? Who Must Comply with HIPAA Rules? HIPAA Breaches, Security Risk Analysis, and Audits

Trust 9/10/2015. Why Does Privacy and Security Matter? Who Must Comply with HIPAA Rules? HIPAA Breaches, Security Risk Analysis, and Audits HIPAA Breaches, Security Risk Analysis, and Audits Derrick Hill Senior Health IT Advisor Kentucky REC Why Does Privacy and Security Matter? Trust Who Must Comply with HIPAA Rules? Covered Entities (CE)

More information

Objectives 5/5/2015. Quality Health Associates (QHA) of ND

Objectives 5/5/2015. Quality Health Associates (QHA) of ND Privacy and Security: HIPAA/HITECH/Meaningful Use Looking Back, Forging Ahead Patti Kritzberger, RHIT, CHPS Quality Health Associates of North Dakota HIT/Quality Improvement Specialist Quality Health Associates

More information

Information Protection Framework: Data Security Compliance and Today s Healthcare Industry

Information Protection Framework: Data Security Compliance and Today s Healthcare Industry Information Protection Framework: Data Security Compliance and Today s Healthcare Industry Executive Summary Today s Healthcare industry is facing complex privacy and data security requirements. The movement

More information

Ensuring Privacy & Security of Patient Information

Ensuring Privacy & Security of Patient Information Ensuring Privacy & Security of Patient Information Danika Brinda, Assistant Professor and REACH P&S Subject Matter Expert Jane McGrath, Program Manager REACH/Stratis Health Session 12, Thursday, June 12,

More information

Meaningful Use Audits. NextGen Physician Consulting Services

Meaningful Use Audits. NextGen Physician Consulting Services Meaningful Use Audits NextGen Physician Consulting Services Agenda Audit Overview Documentation for measures requiring numerator and denominator data Documentation for attestation only measures Security

More information

Strategies for. Proactively Auditing. Compliance to Mitigate. Matt Jackson, Director Kevin Dunnahoo, Manager

Strategies for. Proactively Auditing. Compliance to Mitigate. Matt Jackson, Director Kevin Dunnahoo, Manager Strategies for 1 Proactively Auditing HIPAA Security Compliance to Mitigate Risk Matt Jackson, Director Kevin Dunnahoo, Manager AHIA 32 nd Annual Conference August 25-28, 2013 Chicago, Illinois www.ahia.org

More information

HIT Audit Workshop. Jeffrey W. Short. jshort@hallrender.com

HIT Audit Workshop. Jeffrey W. Short. jshort@hallrender.com HIT Audit Workshop Jeffrey W. Short jshort@hallrender.com 1 Audits and Investigations to be Discussed Meaningful Use Audits HIPAA Audits Data Breach Investigations Software Vendor Audits FTC Investigations

More information

The now tips, the how tools, and the must timing for your MU path in 2014.

The now tips, the how tools, and the must timing for your MU path in 2014. Meaningful Use in 2014 - Window of Opportunity The now tips, the how tools, and the must timing for your MU path in 2014. Inside you will find: CLICK ON TITLES TO NAVIGATE MU 2014 updates; Must know changes!

More information

HIPAA COMPLIANCE PLAN FOR 2013

HIPAA COMPLIANCE PLAN FOR 2013 HIPAA COMPLIANCE PLAN FOR 2013 Welcome! Presentor is Rebecca Morehead, Practice Manager Strategist www.practicemanagersolutions.com Meaningful Use? As a way to encourage hospitals and providers to adopt

More information

MEANINGFUL USE Stages 1 & 2

MEANINGFUL USE Stages 1 & 2 MEANINGFUL USE Stages 1 & 2 OVERVIEW Meaningful Use is the third step in the journey to receive funds under the CMS EHR Incentive Programs. Meaningful Use (MU) is the utilization of certified electronic

More information

EHR Incentive Programs: 2015 through 2017 (Modified Stage 2) Overview

EHR Incentive Programs: 2015 through 2017 (Modified Stage 2) Overview EHR Incentive Programs: 2015 through 2017 (Modified Stage 2) Overview CMS recently released a final rule that specifies criteria that eligible professionals (EPs), eligible hospitals, and critical access

More information

HIPAA and HITECH Compliance for Cloud Applications

HIPAA and HITECH Compliance for Cloud Applications What Is HIPAA? The healthcare industry is rapidly moving towards increasing use of electronic information systems - including public and private cloud services - to provide electronic protected health

More information

5/11/2015 AGENDA ROUNDTABLE PARTICIPANTS TALES FROM THE FRONTLINES OF MEANINGFUL USE: FOCUS ON OPTOMETRY

5/11/2015 AGENDA ROUNDTABLE PARTICIPANTS TALES FROM THE FRONTLINES OF MEANINGFUL USE: FOCUS ON OPTOMETRY TALES FROM THE FRONTLINES OF MEANINGFUL USE: FOCUS ON OPTOMETRY Best Practices, Lessons Learned and the Road Ahead June 25, 2015 The CMS EHR Meaningful Use program brings special challenges to the field

More information

Preparing for HIPAA and Meaningful Use Compliance Audits

Preparing for HIPAA and Meaningful Use Compliance Audits Preparing for HIPAA and Meaningful Use Compliance Audits Presented by: David Holtzman VP of Compliance, CynergisTek CynergisTek, Inc. 11410 Jollyville Road, Suite 2201, Austin TX 78759 512.402.8550 info@cynergistek.com

More information

Does Your Information Security Program Measure Up? Session #74

Does Your Information Security Program Measure Up? Session #74 Does Your Information Security Program Measure Up? Session #74 DISCLAIMER: The views and opinions expressed in this presentation are those of the author and do not necessarily represent official policy

More information

TABLE 1: STAGE OF MEANINGFUL USE CRITERIA BY FIRST PAYMENT YEAR

TABLE 1: STAGE OF MEANINGFUL USE CRITERIA BY FIRST PAYMENT YEAR OVERVIEW The Centers for Medicare and Services (CMS) on March 20 released its proposed rule for Stage 3 of the Electronic Health Record (EHR) Incentive Program, also called Meaningful Use (MU) Stage 3

More information

Audit Alert: Are You Prepared? You Have A Good Chance of Being Selected

Audit Alert: Are You Prepared? You Have A Good Chance of Being Selected Audit Alert: Are You Prepared? You Have A Good Chance of Being Selected HIT Summit July 26, 2014 Lee Castonguay Hawaii Pacific Regional Extension Center lcastonguay@hawaiihie.org Or How to keep your incentive

More information

Privacy and Security: Meaningful Use in Healthcare Organizations

Privacy and Security: Meaningful Use in Healthcare Organizations Privacy and Security: Meaningful Use in Healthcare Organizations Phyllis A. Patrick, MBA, FACHE, CHC July 20, 2011 Webinar Essentials 1. Session is currently being recorded, and will be available on our

More information

Meaningful Use Stage 2 2014

Meaningful Use Stage 2 2014 Meaningful Use Stage 2 2014 Marcela Reyes, CHTS- CP Sevocity Product Manager 877-777-2298!! www.sevocity.com! ! What is Meaningful Use?! How do I parbcipate?! Medicare or Medicaid?! Register! ADest Meaningful

More information

Security Is Everyone s Concern:

Security Is Everyone s Concern: Security Is Everyone s Concern: What a Practice Needs to Know About ephi Security Mert Gambito Hawaii HIE Compliance and Privacy Officer July 26, 2014 E Komo Mai! This session s presenter is Mert Gambito

More information

Privacy and Security Challenges of Meaningful Use

Privacy and Security Challenges of Meaningful Use Privacy and Security Challenges of Meaningful Use Rich Cohan, MBA, FACHE, CHC, CCEP Adam H. Greene, JD, MPH DISCLAIMER: The views and opinions expressed in this presentation are those of the author and

More information

CMS EHR Incentive Programs:

CMS EHR Incentive Programs: CMS EHR Incentive Programs: An Overview Meaningful Use Stages Vidya Sellappan Centers for Medicare & Medicaid Services Office of E-Health Standards and Services HIT Initiatives Group August 13, 2014 Table

More information

Meaningful Use: Terms & Timelines, Changes to Stage 1, and Stage 2 Overview

Meaningful Use: Terms & Timelines, Changes to Stage 1, and Stage 2 Overview Meaningful Use: Terms & Timelines, Changes to Stage 1, and Stage 2 Overview NYC REACH Primary Care Information Project NYC Department of Health & Mental Hygiene 1 Agenda Terms & Timelines of Meaningful

More information

Cybersecurity for Meaningful Use. 2013 FRHA Annual Summit "Setting the Health Care Table: Politics, Economics, Health" November 20-22, 2013

Cybersecurity for Meaningful Use. 2013 FRHA Annual Summit Setting the Health Care Table: Politics, Economics, Health November 20-22, 2013 Cybersecurity for Meaningful Use 2013 FRHA Annual Summit "Setting the Health Care Table: Politics, Economics, Health" November 20-22, 2013 Healthcare Sector Vulnerable to Hackers By Robert O Harrow Jr.,

More information

LOOKING FORWARD TO STAGE 2 MEANINGFUL USE. 2012 Louisiana HIPAA & EHR Conference Presenter: Kathleen Keeley

LOOKING FORWARD TO STAGE 2 MEANINGFUL USE. 2012 Louisiana HIPAA & EHR Conference Presenter: Kathleen Keeley LOOKING FORWARD TO STAGE 2 MEANINGFUL USE 2012 Louisiana HIPAA & EHR Conference Presenter: Kathleen Keeley Topics of Discussion Stage 2 Eligibility Stage 2 Meaningful Use Clinical Quality Measures Payment

More information

HIPAA Security Prepare Now or Wait and See?

HIPAA Security Prepare Now or Wait and See? HIPAA Security Prepare Now or Wait and See? Background An ounce of prevention is worth a pound of cure, a saying often used in a healthcare context, was first coined by Benjamin Franklin more than two

More information

Meaningful Use 2015 and beyond. Presented by: Anna Mrvelj EMR Training Specialist

Meaningful Use 2015 and beyond. Presented by: Anna Mrvelj EMR Training Specialist Meaningful Use 2015 and beyond Presented by: Anna Mrvelj EMR Training Specialist 1 Agenda A look at the CMS Website Finding your EMR version Certification Number Proposed Rule by the Centers for Medicare

More information

9/9/2015. Medicare/Medicaid Incentive Program. Medicare/Medicaid Incentive Program. Meaningful Use, Penalties and Audits

9/9/2015. Medicare/Medicaid Incentive Program. Medicare/Medicaid Incentive Program. Meaningful Use, Penalties and Audits Meaningful Use, Penalties and Audits SHERI SMITH, FACMPE STATE VOLUNTEER MUTUAL INSURANCE COMPANY Copyright 2014 State Volunteer Mutual Insurance Company Medicare/Medicaid Incentive Program Medicare/Medicaid

More information

The Case For HIPAA Risk Assessment. Leader s Guide

The Case For HIPAA Risk Assessment. Leader s Guide 4547 The Case For HIPAA Risk Assessment Leader s Guide IMPORTANT INFORMATION FOR EDUCATION COORDINATORS & PROGRAM FACILITATORS PLEASE NOTE: In order for this program to meet Florida course requirements,

More information

STAGE 2 of the EHR Incentive Programs

STAGE 2 of the EHR Incentive Programs EHR Incentive Programs A program administered by the Centers for Medicare & Medicaid Services (CMS) Eligible Professional s Guide to STAGE 2 of the EHR Incentive Programs September 2013 TABLE OF CONTENTS...

More information

Meaningful Use Stage 2. Creating the Foundation for Population Health

Meaningful Use Stage 2. Creating the Foundation for Population Health Meaningful Use Stage 2 Creating the Foundation Creating the Foundation You ve downloaded this ebook just in time. Are you ready to begin building toward Meaningful Use (MU) Stage 2? Each MU requirement

More information

HIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services

HIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services HIPAA Secure Now! How MSPs Can Profit From Selling HIPAA security services How MSPs can profit from selling HIPAA security services Managed Service Providers (MSP) can use the Health Insurance Portability

More information

The HIPAA Omnibus Final Rule

The HIPAA Omnibus Final Rule WHITE PAPER The HIPAA Omnibus Final Rule Four risk exposure events that can uncover compliance issues leading to investigations, potential fines, and damage to your organization s reputation. By Virginia

More information

Modified Stage 2 Meaningful Use 2015-2017

Modified Stage 2 Meaningful Use 2015-2017 Click to edit Master title style Modified Stage 2 Meaningful Use 2015-2017 Bruce Maki, MA M-CEITA / Altarum Institute Regulatory & Incentive Program Analyst 12/14/2015 1 1 Agenda 1. Overview of M-CEITA

More information

Meaningful Use Stage 2 Requirements Primer

Meaningful Use Stage 2 Requirements Primer WHITE PAPER Meaningful Use Stage 2 Requirements Primer Shefali Mookencherry, MPH, MSMIS, RHIA Principal Consultant Hayes Management Consulting Hayes WHITE PAPER: Meaningful Use Stage 2 Requirements Source:

More information

Medicaid EHR Incentive Program Dentists as Eligible Professionals. Kim Davis-Allen, Outreach Coordinator Kim.davis@ahca.myflorida.

Medicaid EHR Incentive Program Dentists as Eligible Professionals. Kim Davis-Allen, Outreach Coordinator Kim.davis@ahca.myflorida. Medicaid EHR Incentive Program Dentists as Eligible Professionals Kim Davis-Allen, Outreach Coordinator Kim.davis@ahca.myflorida.com Considerations Must begin participation by Program Year 2016 Not required

More information

8/3/2015. Integrating Behavioral Health and HIV Into Electronic Health Records Communities of Practice

8/3/2015. Integrating Behavioral Health and HIV Into Electronic Health Records Communities of Practice Integrating Behavioral Health and HIV Into Electronic Health Records Communities of Practice Monday, August 3, 2015 1 How to ask a question during the webinar If you dialed in to this webinar on your phone

More information

NEW PERSPECTIVES. Professional Fee Coding Audit: The Basics. Learn how to do these invaluable audits page 16

NEW PERSPECTIVES. Professional Fee Coding Audit: The Basics. Learn how to do these invaluable audits page 16 NEW PERSPECTIVES on Healthcare Risk Management, Control and Governance www.ahia.org Journal of the Association of Heathcare Internal Auditors Vol. 32, No. 3, Fall, 2013 Professional Fee Coding Audit: The

More information

Meaningful Use 2014 Changes

Meaningful Use 2014 Changes Meaningful Use 2014 Changes Lisa Sagwitz HIT Workflow & Implementation Coordinator September 4, 2014 1 PA Reach Who are we? Designated by ONC as the PA East and PA West Regional Extension Center We have

More information

CMS Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs Final Rule Overview October 8, 2015

CMS Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs Final Rule Overview October 8, 2015 CMS Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs Final Rule Overview October 8, 2015 Elizabeth S. Holland Center for Clinical Standards and Quality Centers for Medicare & Medicaid

More information

Privacy and Security Meaningful Use Requirement HIPAA Readiness Review

Privacy and Security Meaningful Use Requirement HIPAA Readiness Review Privacy and Security Meaningful Use Requirement HIPAA Readiness Review REACH - Achieving - Achieving meaningful meaningful use of your use EHR of your EHR Patti Kritzberger, RHIT, CHPS ND e-health Summit

More information

OIG Security Audit: What You Need To Know

OIG Security Audit: What You Need To Know Watch the Replay on YouTube OIG Security Audit: What You Need To Know Executive Series Webinar July 23rd, 2015 Today s Speakers Elana R. Zana Attorney & Author Ogden Murphy Wallace P.L.L.C. ezana@omwlaw.com

More information

Community Health Center Association of Connecticut Meaningful Use: Audit Preparedness And Other Challenges February 12, 2015

Community Health Center Association of Connecticut Meaningful Use: Audit Preparedness And Other Challenges February 12, 2015 Community Health Center Association of Connecticut Meaningful Use: Audit Preparedness And Other Challenges February 12, 2015 Joan W. Feldman, Esq. William J. Roberts, Esq. Shipman & Goodwin LLP 2014. All

More information

Data Breach, Electronic Health Records and Healthcare Reform

Data Breach, Electronic Health Records and Healthcare Reform Data Breach, Electronic Health Records and Healthcare Reform (This presentation is for informational purposes only and it is not intended, and should not be relied upon, as legal advice.) Overview of HIPAA

More information

HIPAA: Compliance Essentials

HIPAA: Compliance Essentials HIPAA: Compliance Essentials Presented by: Health Security Solutions August 15, 2014 What is HIPAA?? HIPAA is Law that governs a person s ability to qualify immediately for health coverage when they change

More information

HIPAA and HITRUST - FAQ

HIPAA and HITRUST - FAQ A COALFIRE WHITE PAPER HIPAA and HITRUST - FAQ by Andrew Hicks, MBA, CISA, CCM, CRISC, HITRUST CSF Practitioner Director, Healthcare Practice Lead Coalfire February 2013 Introduction Organizations are

More information

STATE MEDICAID ELECTRONIC HEALTH RECORD INCENTIVE PROGRAM STAGE 1 AND 2 ATTESTATION REFERENCE GUIDE

STATE MEDICAID ELECTRONIC HEALTH RECORD INCENTIVE PROGRAM STAGE 1 AND 2 ATTESTATION REFERENCE GUIDE STATE MEDICAID ELECTRONIC HEALTH RECORD INCENTIVE PROGRAM STAGE 1 AND 2 ATTESTATION REFERENCE GUIDE ELIGIBLE PROFESSIONALS AHCCCS 801 East Jefferson Street Phoenix, Arizona 85034 (602)417-4000 www.azahcccs.gov

More information

Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE

Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE [ Hosting for Healthcare: Addressing the Unique Issues of Health IT & Achieving End-to-End Compliance

More information

Medicare & Medicaid EHR Incentive Programs

Medicare & Medicaid EHR Incentive Programs Medicare & Medicaid EHR Incentive Programs Eligibility 2 Who is Eligible to Participate? Eligibility was defined in statute Hospital-based EPs are NOT eligible for incentives DEFINITION: 90% or more of

More information

Demonstrating Meaningful Use of EHRs: The top 10 compliance challenges for Stage 1 and what s new with 2

Demonstrating Meaningful Use of EHRs: The top 10 compliance challenges for Stage 1 and what s new with 2 Demonstrating Meaningful Use of EHRs: The top 10 compliance challenges for Stage 1 and what s new with 2 Today s discussion A three-stage approach to achieving Meaningful Use Top 10 compliance challenges

More information

HIPAA Omnibus Rule Practice Impact. Kristen Heffernan MicroMD Director of Prod Mgt and Marketing

HIPAA Omnibus Rule Practice Impact. Kristen Heffernan MicroMD Director of Prod Mgt and Marketing HIPAA Omnibus Rule Practice Impact Kristen Heffernan MicroMD Director of Prod Mgt and Marketing 1 HIPAA Omnibus Rule Agenda History of the Rule HIPAA Stats Rule Overview Use of Personal Health Information

More information

Meaningful Use Audit Red Flags: Pay Careful Attention To The Security Risk Analysis - Or Else

Meaningful Use Audit Red Flags: Pay Careful Attention To The Security Risk Analysis - Or Else Meaningful Use Audit Red Flags: Pay Careful Attention To The Security Risk Analysis - Or Else Jim Tate Founder: EMR Advocate, Inc. Managing Partner: HITECH Answers Author of The Incentive Roadmap The Meaningful

More information

Compliance, Security and Risk Management Relationship Advice. Andrew Hicks, Director Coalfire

Compliance, Security and Risk Management Relationship Advice. Andrew Hicks, Director Coalfire Compliance, Security and Risk Management Relationship Advice Andrew Hicks, Director Coalfire Housekeeping You may submit questions throughout the webinar using the question area in the control panel on

More information

10/19/2015. Meaningful Use: Current and Future Environment. Agenda. MGMA Annual Conference Nashville, TN October 13, 2015

10/19/2015. Meaningful Use: Current and Future Environment. Agenda. MGMA Annual Conference Nashville, TN October 13, 2015 Meaningful Use: Current and Future Environment MGMA Annual Conference Nashville, TN October 13, 2015 Agenda Current Environment Stage 2 Flexibility Final Rule Key challenge for practices A look Ahead at

More information

Empowering Nurses & Building Trust Through Health IT

Empowering Nurses & Building Trust Through Health IT Empowering Nurses & Building Trust Through Health IT Helen Caton-Peters, MSN, RN Health Information Privacy & Security Specialist Office of the National Coordinator for Health Information Technology 2

More information

Summary of Public Health Related Aspects of Recent ONC and CMS Final Rules Version 1.0

Summary of Public Health Related Aspects of Recent ONC and CMS Final Rules Version 1.0 Summary of Public Health Related Aspects of Recent ONC and CMS Final Rules Compiled by: Sanjeev Tandon and Mark Jensen at CDC/OPHSS/CSELS/OD from the CMS & ONC Stage 2 Electronic Health Records (EHR) Meaningful

More information

A Deep Dive Into MU Stage 2

A Deep Dive Into MU Stage 2 A Deep Dive Into MU Stage 2 A Complimentary Webinar From healthsystemcio.com, Sponsored By Hyland Software, Developers of OnBase Your Line Will Be Silent Until Our Event Begins Thank You! Housekeeping

More information

Modifications to the Medicare and Medicaid Electronic Health Record (EHR) Incentive Program for 2014 Final Rule Summary

Modifications to the Medicare and Medicaid Electronic Health Record (EHR) Incentive Program for 2014 Final Rule Summary CY 2014 MPFS Final Rule Summary December 3, 2013 Page 1 Modifications to the Medicare and Medicaid Electronic Health Record (EHR) Incentive Program for 2014 Final Rule Summary SEPTEMBER 2014 Page 2 TABLE

More information

Impact of Meaningful Use and Healthcare Transformation On Patient Access

Impact of Meaningful Use and Healthcare Transformation On Patient Access Impact of Meaningful Use and Healthcare Transformation On Patient Access Copyright 2011 BluePrint Healthcare IT. All rights reserved NAHAM Northeast Conference October 2011 Stamford, CT Introduction 1.

More information

Securing Patient Portals. What You Need to Know to Comply With HIPAA Omnibus and Meaningful Use

Securing Patient Portals. What You Need to Know to Comply With HIPAA Omnibus and Meaningful Use Securing Patient Portals What You Need to Know to Comply With HIPAA Omnibus and Meaningful Use September 2013 Table of Contents Abstract... 3 The Carrot and the Stick: Incentives and Penalties for Securing

More information

Achieving Meaningful Use in Private Practice. A close examination of Stage 2 requirements

Achieving Meaningful Use in Private Practice. A close examination of Stage 2 requirements Achieving Meaningful Use in Private Practice A close examination of Stage 2 requirements Abstract As part of the American Recovery and Reinvestment Act of 2009, the Federal Government laid the groundwork

More information

Tools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits

Tools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits Tools to Prepare and Protect Your Practice for HIPAA and Meaningful Use Audits Presented by: Don Waechter, Managing Partner Health Compliance Partners Ann Breitinger, Attorney Blalock Walters Legal Disclaimer

More information

Meaningful Use Audit: A Quick Reference For Certified EHR Eligible Professionals. www.revenuexl.com

Meaningful Use Audit: A Quick Reference For Certified EHR Eligible Professionals. www.revenuexl.com Meaningful Use Audit: A Quick Reference For Certified EHR Eligible Professionals www.revenuexl.com CONTENTS Meaningful Use Audit : What Physicians Must Expect from it? 1 Meaningful Use Audit : An Essential

More information

Welcome to the Data Analytics Toolkit PowerPoint presentation on clinical quality measures, meaningful use, and data analytics.

Welcome to the Data Analytics Toolkit PowerPoint presentation on clinical quality measures, meaningful use, and data analytics. Welcome to the Data Analytics Toolkit PowerPoint presentation on clinical quality measures, meaningful use, and data analytics. According to the Centers for Medicare and Medicaid Services, Clinical Quality

More information

Best Practices in HIPAA Security Risk Assessments

Best Practices in HIPAA Security Risk Assessments BUSINESS WHITE PAPER Best Practices in HIPAA Security Risk Assessments Safeguard your protected health information (PHI) and mitigate the risk of a data breach or loss. WHITEPAPER Best Practices in HIPAA

More information

Data Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, 2014 2:15pm 3:30pm

Data Security and Integrity of e-phi. MLCHC Annual Clinical Conference Worcester, MA Wednesday, November 12, 2014 2:15pm 3:30pm Electronic Health Records: Data Security and Integrity of e-phi Worcester, MA Wednesday, 2:15pm 3:30pm Agenda Introduction Learning Objectives Overview of HIPAA HIPAA: Privacy and Security HIPAA: The Security

More information

How to Play by the (Final) Rules:

How to Play by the (Final) Rules: Click to edit Master title style How to Play by the (Final) Rules: An Overview of Meaningful Use Stage 2 Bruce Maki, MA M-CEITA / Altarum Institute Regulatory and Incentive Program Analyst March 11, 2015

More information

12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule

12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule HIPAA More Important Than You Realize J. Ira Bedenbaugh Consulting Shareholder February 20, 2015 This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record

More information

HEALTH IT SECURITY AND THE SMALL PROVIDER

HEALTH IT SECURITY AND THE SMALL PROVIDER HEALTH IT SECURITY AND THE SMALL PROVIDER A Primer for 2013 Ben Watts EMRSOAP 2800 156TH Ave SE Suite 100 Bellevue WA 98007 Table of Contents Summary... 2 Why should a Small Provider care about protecting

More information

Agenda. What is Meaningful Use? Stage 2 - Meaningful Use Core Set. Stage 2 - Menu Set. Clinical Quality Measures (CQM) Clinical Considerations

Agenda. What is Meaningful Use? Stage 2 - Meaningful Use Core Set. Stage 2 - Menu Set. Clinical Quality Measures (CQM) Clinical Considerations AQAF Health Information Technology Forum Meaningful Use Stage 2 Clinical Considerations Marla Clinkscales & Mike Bice Alabama Regional Extension Center (ALREC) August 13, 2013 0 Agenda What is Meaningful

More information

Meaningful Use Stages 1 and 2 and How to Survive a Meaningful Use Audit. Charles Jarvis, Senior Manager

Meaningful Use Stages 1 and 2 and How to Survive a Meaningful Use Audit. Charles Jarvis, Senior Manager Meaningful Use Stages 1 and 2 and How to Survive a Meaningful Use Audit Charles Jarvis, Senior Manager Outline Overview Meaningful Use Stage 1 Differences between Stage 1 and Stage 2 Surviving a Meaningful

More information

Stage 2 Overview Tipsheet Last Updated: August, 2012

Stage 2 Overview Tipsheet Last Updated: August, 2012 Stage 2 Overview Tipsheet Last Updated: August, 2012 Overview CMS recently published a final rule that specifies the Stage 2 criteria that eligible professionals (EPs), eligible hospitals, and critical

More information

HIPAA Omnibus Rule Overview. Presented by: Crystal Stanton MicroMD Marketing Communication Specialist

HIPAA Omnibus Rule Overview. Presented by: Crystal Stanton MicroMD Marketing Communication Specialist HIPAA Omnibus Rule Overview Presented by: Crystal Stanton MicroMD Marketing Communication Specialist 1 HIPAA Omnibus Rule - Agenda History of the Omnibus Rule What is the HIPAA Omnibus Rule and its various

More information

Registration and Attestation

Registration and Attestation Registration and Attestation Presented by: Deb Anderson, HTS Consultant and Sarah Leake, HTS Consultant HTS, a division of Mountain Pacific Quality Health Foundation 1 About Health Technology Services

More information

Helping US Healthcare Providers Treat a Security Problem

Helping US Healthcare Providers Treat a Security Problem WHITE PAPER Helping US Healthcare Providers Treat a Security Problem www.tnshc.com 1 We ve diagnosed a problem in US healthcare Many providers may not knowingly realize that they are risking serious embarrassment

More information

Medicare & Medicaid EHR Incentive Programs

Medicare & Medicaid EHR Incentive Programs Medicare & Medicaid EHR Incentive Programs Stage 2 NPRM Overview Robert Anthony Office of E-Health Standards and Services Marsha Smith Office of Clinical Standards and Quality March 21, 2012 Proposed Rule

More information

4Medapproved Learning Lunch Webinar Series 7.24.13 How to Keep up with Stage 2 MU (Meaningful Use) Questions and Answers

4Medapproved Learning Lunch Webinar Series 7.24.13 How to Keep up with Stage 2 MU (Meaningful Use) Questions and Answers 4Medapproved Learning Lunch Webinar Series 7.24.13 How to Keep up with Stage 2 MU (Meaningful Use) Questions and Answers Q: Does transfer of care happen within a health system - say for example primary

More information

The HIPAA Audit Program

The HIPAA Audit Program The HIPAA Audit Program Anna C. Watterson Davis Wright Tremaine LLP The U.S. Department of Health and Human Services (HHS) was given authority, and a mandate, to conduct periodic audits of HIPAA 1 compliance

More information

Meaningful Use Stage 3 Proposed Rule: What it Means for Hospitals, Physicians & Health IT Developers

Meaningful Use Stage 3 Proposed Rule: What it Means for Hospitals, Physicians & Health IT Developers Meaningful Use Stage 3 Rule: What it Means for Hospitals, Physicians & Health IT Developers Vernessa T. Pollard and Nicole Liffrig Molife April 2015 With the publication of the Stage 3 Meaningful Use Rule

More information

2012 HIPAA Privacy and Security Audits

2012 HIPAA Privacy and Security Audits Office of the Secretary Office for Civil Rights (OCR) 2012 HIPAA Privacy and Security Audits Linda Sanches OCR Senior Advisor, Health Information Privacy Lead, HIPAA Compliance Audits OCR 1 Agenda Background

More information

How to Use the NYeC Privacy and Security Toolkit V 1.1

How to Use the NYeC Privacy and Security Toolkit V 1.1 How to Use the NYeC Privacy and Security Toolkit V 1.1 Scope of the Privacy and Security Toolkit The tools included in the Privacy and Security Toolkit serve as guidance for educating stakeholders about

More information

The Road to Robust Use of HIT: Navigating Meaningful Use and Beyond. by Jennifer McAnally, tnrec Director

The Road to Robust Use of HIT: Navigating Meaningful Use and Beyond. by Jennifer McAnally, tnrec Director The Road to Robust Use of HIT: Navigating Meaningful Use and Beyond by Jennifer McAnally, tnrec Director Presentation Objectives Participants will be able to: Verbalize the role Regional Extension Centers

More information

How to Report Once for 2015 Medicare Quality Reporting Programs: Individual Eligible Professionals

How to Report Once for 2015 Medicare Quality Reporting Programs: Individual Eligible Professionals Table of Contents How to Report Once for 2015 Medicare Quality Reporting Programs: Individual Eligible Professionals 3 How to Report Once for 2015 Medicare Quality Reporting Programs: Group Practices 5

More information

2/9/2012. 2012 HIPAA Privacy and Security Audit Readiness. Table of contents

2/9/2012. 2012 HIPAA Privacy and Security Audit Readiness. Table of contents 2012 HIPAA Privacy and Security Audit Readiness Mark M. Johnson National HIPAA Services Director Table of contents Page Background 2 Regulatory Background and HITECH Impacts 3 Office of Civil Rights (OCR)

More information

Medicare & Medicaid EHR Incentive Programs Elizabeth S. Holland, MPA Director, HIT Initiatives Group Office of E-Health Standards & Services, CMS

Medicare & Medicaid EHR Incentive Programs Elizabeth S. Holland, MPA Director, HIT Initiatives Group Office of E-Health Standards & Services, CMS Medicare & Medicaid EHR Incentive Programs Elizabeth S. Holland, MPA Director, HIT Initiatives Group Office of E-Health Standards & Services, CMS Program Progress Registered Eligible Hospitals 5.33% 94.67%

More information

FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS

FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS James J. Eischen, Jr., Esq. October 2013 Chicago, Illinois JAMES J. EISCHEN, JR., ESQ. Partner at Higgs, Fletcher

More information

Will the Feds Really Buy Me an EHR?

Will the Feds Really Buy Me an EHR? Steven Waldren, MD, David C. Kibbe, MD, MBA, and Jason Mitchell, MD Will the Feds Really Buy Me an EHR? and Other Commonly Asked Questions About the HITECH Act The economic stimulus package offers $19

More information

Medicare & Medicaid EHR Incentive Programs- Past, Present, & Future. Travis Broome, Centers for Medicare & Medicaid Services 12/18/2012

Medicare & Medicaid EHR Incentive Programs- Past, Present, & Future. Travis Broome, Centers for Medicare & Medicaid Services 12/18/2012 Medicare & Medicaid EHR Incentive Programs- Past, Present, & Future Travis Broome, Centers for Medicare & Medicaid Services 12/18/2012 Medicare-only Eligible Professionals Medicaid-only Eligible Professionals

More information