Protect PHI/Security Risk Analysis

This page will discuss the Security Risk Analysis measure of the Promoting Interoperability program.

Security Risk Analysis

The Security Risk Analysis is a required measure for the Promoting Interoperability program.

Measure: Conduct or review a security risk analysis in accordance with the requirements in 45 CFR 164.308(a)(1), including addressing the security (to include encryption) of ePHI data created or maintained by certified EHR technology in accordance with requirements in 45 CFR164.312(a)(2)(iv) and 45 CFR 164.306(d)(3), and implement security updates as necessary and correct identified security deficiencies as part of the MIPS eligible clinician's risk management process.
Performance Score: N/A
Eligible for Bonus Score: No

How to perform the Security Risk Analysis.

To complete the Security Risk Analysis measure we recommend HIPAA Secure Now. You can sign up for this service with a promo code of TRAK05 for a discount. Once the Security Risk Analysis has been completed the Promoting Interoperability Report must be updated for attestation.

How to Complete in TRAKnet

  • Click the Reports drop down menu and Quality Payment program - Promoting Interoperability.
  • On the Promoting Interoperability report screen click Attested Measures.
  • On the Attested Measures pop up check the box for Security Risk Analysis Attestation Date and set the date the Security Risk Analysis was completed.
  • Click Save to save and close the Attested Measures.

Training Video

See below for video instructions on how to perform Promoting Interoperability Security Risk Analysis in TRAKnet 3.1:

Promoting Interoperability - Security Risk Analysis from NEMO Health on Vimeo

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-NonCommercial-NoDerivs 3.0 License