Meaningful use security risk analysis: Do it right and retain your incentive

September 8, 2015
4:15pm - 5:00pm
General Session

At least 5 percent of healthcare organizations that have attested for meaningful use will undergo a CMS audit. And when it comes to auditing eligible hospitals and professionals who have received meaningful use dollars, CMS has zero tolerance. If you can’t prove you’ve met every core measure, prepare to return your incentive money.

When it comes to passing a meaningful use audit, the most significant fact may be this: A “core measure” of meaningful use is the requirement to "conduct or review a security risk analysis,” but neglecting to do that is the most common reason providers fail their EHR incentive audit, according to CMS.

But failure doesn’t have to be the default result. In this session, privacy and security experts from the Pennsylvania and Delaware regional extension centers will explain exactly what’s required to successfully execute a meaningful use risk analysis.

Calling on their experience of helping hundreds of providers do exactly that, they’ll cover, among other things:

  • Best practices and common methodology
  • Red flags and mistakes that could lead to failure
  • Key requirements
  • Auditor expectations

You’ll also hear from Ed Ricks, CIO of Beaufort Memorial Hospital, in Beaufort, S.C. Ricks’ team survived the “painful” audit process in 2013, and he’ll provide a first-hand account of how they aced their security risk analysis.


Privacy and Security Specialist
Quality Insights of Pennsylvania
Vice President of Information Services and Chief Information Officer
Beaufort Memorial Hospital
Privacy and Security Specialist
Quality Insights of Delaware

Learn more about the 2020 Event


Subscribe for updates