Before I dive right in to the six-step approach to help YOU implement a security management process, one clarification must be emphasized: The scope of a risk analysis for the Electronic Health Record (EHR) Incentive Programs security requirements is much narrower than the scope of a risk analysis for the HIPAA Security Rule Security Management […]
Every Business Associate (BA) that creates, receives, maintains, or transmits protected health information (PHI) is required to perform a comprehensive organization-wide HIPAA Risk Analysis (Per: §164.308(a)(1)(ii)(A)). This includes establishing and maintaining effective Security Management Process is not only a requirement, but is also a critical and a necessary activity for the protection of ALL of […]