Healthcare: Time Is Running Out to Complete Your Meaningful Use Risk Assessment.


December 24, 2013

December 31st is fast approaching and if your healthcare organization hasn’t completed your Meaningful Use Risk Assessment for 2013 you’d better get busyIf you miss the deadline, you may have to return a full year of EHR (Electronic Health Record) incentive payments.

Your EHR or EHR components must meet the standards set by the Office of National Coordinator for Health Information Technology (ONC). An up-to-date list is posted on the ONC’s website at:

To receive EHR incentive payments, you must demonstrate that you have met the criteria for the EHR Incentive Program’s privacy and security objective and ensure adequate privacy and correct any identified deficiencies.  Plus a Meaningful Use Risk Assessment must be conducted at least once prior to the beginning of an EHR reporting period (annually).  

The EHR Incentive Program and the HIPAA Security Rule don’t mandate how the risk assessment should be done.  This is left up to you. Below are commonly recommended steps for performing an assessment:

  1. Identify the scope of the analysis
  2. Gather data
  3. Identify and document potential threats and vulnerabilities
  4. Assess current security measures
  5. Determine the likelihood of threat occurrence
  6. Determine the potential impact of threat occurrence
  7. Determine in the level of risk
  8. Identify security measure and finalize documentation
  9. Develop and implement a risk management plan
  10. Implement security measures
  11. Evaluate and maintain security measures

You will need to attest to CMS (Centers for Medicare and Medicaid) or your State that you have conducted the Assessment and have taken any corrective actions to eliminate the security deficiency or deficiencies identified in the Risk Assessment.

Integris is working around the clock to ensure assessments are performed, so be sure your Risk Assessment is completed by December 31, 2013.  For more information call us at (888) 330-8808 or email us immediately at

We're Integris. We're always working to empower people through technology.

Keep reading

Healthcare Cybersecurity Issues to Avoid and Best Practices

In 2021, healthcare data breaches hit a new record, impacting a total of 45 million people. That’s a shocking statistic that should raise awareness of the importance of cybersecurity in the healthcare sector. However, if you work in a hospital, lab, or other clinical...

Accounting Firms Trust Domain Technology Partners

Accounting Firms Trust Domain Technology Partners

Accountants have little room for error. Tax returns, financial statements, payroll and the like require 100 percent accuracy. Compliance dictates the need for audits for some companies which are critical to financing and credit. Your IT partner must understand the...