Skip to main content

 

Kareo Help Center

Protect Patient Health Information

  1. Last updated
  2. Save as PDF

Protect electronic protected health information (ePHI) created or maintained by the CEHRT through the implementation of appropriate technical, administrative, and physical safeguards.

Security Risk Analysis Measure:           

Conduct or review a security risk analysis in accordance with the requirements in 45 CFR 164.308(a)(1), including addressing the security (to include encryption) of ePHI data created or maintained by CEHRT in accordance with requirements in 45 CFR 164.312(a)(2)(iv) and 45 CFR 164.306(d)(3), and implement security updates as necessary and correct identified security deficiencies as part of the MIPS eligible clinician’s risk management process.

  • Complete the Security Risk Assessment Tool (SRA Tool) found on the HealthIT website.
  • Maintain a completed copy in an Audit Folder.

 

Attestation:                                  Yes or No

Required for Base Score:        Yes

Performance Score Weight:   0

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. There are no recommended articles.
  1. Classifications
    This page has no classifications.
  2. Tags
    This page has no tags.