Sign up to save your podcasts
Or
Share Episode 10: ONC Sample Seven-Step Approach for Implementing a Security Management Process
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 10: ONC Sample Seven-Step Approach for Implementing a Security Management Process
ONC recently published an updated guide for Privacy and Security of Electronic Health Information. This episode David and Donna discuss what that guide calls the Seven-Step Approach for Implementing a Security Management Process.
Links
Guide to Privacy and Security of Electronic Health Information
FindHealthcareIT
HIPAAforMSPS.com
Kardon Compliance
Notes
The 7 Steps
Step 1: Lead Your Culture, Select Your Team, and Learn
Assign your officers, make sure they are trained, show compliance is a top down commitment
Step 2: Document Your Process, Findings, and Actions
If you can't prove it then it didn't happen. Document your decisions, plans and activity
Step 3: Review Existing Security of ePHI (Perform Security Risk Analysis)
Review or perform your Security Risk Analysis and current security assessment
Step 4: Develop an Action Plan
The plan needs to address all the things you identified in your assessments, policies, and procedures
Step 5: Manage and Mitigate Risks
This is where your project management skills come into play making sure you have addressed all the risks in your Analysis and new ones aren't showing up
Step 6: Attest for Meaningful Use SecurityRelated Objective
If you are attesting make sure you have done the previous steps
Step 7: Monitor, Audit, and Update Security on an Ongoing Basis
Remember it isn't a project that has a beginning and ending date
View all episodes
By Donna Grindle and David Sims
4.9
6060 ratings
ONC recently published an updated guide for Privacy and Security of Electronic Health Information. This episode David and Donna discuss what that guide calls the Seven-Step Approach for Implementing a Security Management Process.
Links
Guide to Privacy and Security of Electronic Health Information
FindHealthcareIT
HIPAAforMSPS.com
Kardon Compliance
Notes
The 7 Steps
Step 1: Lead Your Culture, Select Your Team, and Learn
Assign your officers, make sure they are trained, show compliance is a top down commitment
Step 2: Document Your Process, Findings, and Actions
If you can't prove it then it didn't happen. Document your decisions, plans and activity
Step 3: Review Existing Security of ePHI (Perform Security Risk Analysis)
Review or perform your Security Risk Analysis and current security assessment
Step 4: Develop an Action Plan
The plan needs to address all the things you identified in your assessments, policies, and procedures
Step 5: Manage and Mitigate Risks
This is where your project management skills come into play making sure you have addressed all the risks in your Analysis and new ones aren't showing up
Step 6: Attest for Meaningful Use SecurityRelated Objective
If you are attesting make sure you have done the previous steps
Step 7: Monitor, Audit, and Update Security on an Ongoing Basis
Remember it isn't a project that has a beginning and ending date
More shows like Help Me With HIPAA
View all
MGMA Podcasts
39 Listeners
CodeCast | Medical Billing and Coding Insights
200 Listeners
The Medcurity Podcast: HIPAA Compliance | Security | Technology | Healthcare
8 Listeners
The Compliance Guy
38 Listeners