A Fun (and Educational) Look at Privacy and Security – Meaningful Use Monday

One of the most common sources of confusion about the meaningful use requirements is the Privacy and Security Risk Analysis measure. As I discussed in a past Meaningful Use Monday post, according to CMS, practices that are HIPAA compliant are likely in pretty good shape on this measure. For those physicians, what’s needed is documentation of the steps that were taken to review HIPAA compliance, the deficiencies identified, and what was done to remediate these exposures. (For more information, see the meaningful use chapter in ONC’s “Guide to Privacy and Security of Health Information.”)

This begs the question, “What exactly is HIPAA compliance?” I recently came upon the “Privacy and Security Training Game” that was created by ONC’s Chief Privacy Officer and couldn’t resist playing. While a lot of the information provided is quite basic for those with expertise in the privacy and security arena, as you progress through the game, the questions become more challenging. It’s definitely a fun way to introduce staff to the issues and increase awareness about the importance of safeguarding patient information.

Check out all of the past Meaningful Use Monday posts.

About the author

Lynn Scheps

Lynn Scheps is Vice President, Government Affairs at EHR vendor SRSsoft. In this role, Lynn has been a Voice of Physicians and SRSsoft users in Washington during the formulation of the meaningful use criteria. Lynn is currently working to assist SRSsoft users interested in showing meaningful use and receiving the EHR incentive money.

1 Comment

  • The game is cute, but actually covers some important points. Though I lost 10 points for requiring password changes monthly rather then quarterly!

    BTW, it did not work in Firefox; IE (with the new MS security patch, of course), worked fine.

    All kidding aside, it is clear that many doctors and staff don’t understand HIPAA very well. And it goes both ways; from systems running on unpatched Win XP – and in plain sight, to doctors who think that they have to hide their EHR screen from their current patient whose data is up on the screen!

Click here to post a comment
   

Categories