We all need to do a HIPAA Security analysis in order to attest to Meaningful Use.
“Conduct or review a security risk analysis per 45 CFR 164.308 (a)(1) and implement security updates as necessary and correct identified security deficiencies as part of its risk management process”
I am wondering how others are going about meeting this requirement.
If you want about 110 pages of questions to answer, the HIPAA Security Rule Toolkit from NIST may help -
http://scap.nist.gov/hipaa/NIST_HSR_Toolkit_User_Guide.pdf
http://scap.nist.gov/hipaa/downloads/Setup_HSR_Toolkit.exe
I hope there are less comprehensive options out there that would be considered valid.
I am interested to hear about any tools or solutions that have worked for others.
Thanks,-Tom Hoffman
Manager of Information Services
Wayne Memorial Hospital
570-251-6504
hof...@wmh.org
===###===###===###===###===###===###===
Please do NOT send messages that ask "Please post to the list" or "I'd like to see your answers" or "Send that info to me, too" These are useless messages that just waste the email server's resources. Instead, email the original requester and ask that they send you or post the results of their question.
To UNSUBSCRIBE or to SUBSCRIBE, go to http://MTUsers.net for information.
You can locate the:
1) meditech-l archives
2) NPR/Magic/CS tips
3) job opportunities in the Meditech community
http://mtusers.net
Do NOT send email to meditech...@MTUsers.com. This is a system email box that is NOT monitored by a human. If you need help or advice on how to use the meditech-l, email lo...@MTUsers.com or ju...@MTUsers.net. Both of these people help manage the meditech-l, so they are your best resource.
===***===***===***===***===***===***===
Jim Sehloff
M.S. MT(ASCP)
Information Security Analyst
CareTech Solutions at Holy Family Memorial
Office: (920) 320-2799
Cell: (920)973-4431
~Mike Cottle
>>> "Tom Hoffman" <hof...@wmh.org> 1/27/2012 4:02 PM >>>
http://scap.nist.gov/hipaa/NIST_HSR_Toolkit_User_Guide.pdf
http://scap.nist.gov/hipaa/downloads/Setup_HSR_Toolkit.exe
===###===###===###===###===###===###===
===***===***===***===***===***===***===
Disclaimer: The information in this message is confidential. If you are
not the intended recipient, do not disclose, copy, or distribute this
message, and please immediately contact the sender.