Harmony Healthcare Blog

Conducting Your Skilled Nursing Facility Risk Analysis

Posted by Kris Mastrangelo, OTR/L, LNHA, MBA on Tue, Jun 24, 2014

Find me on:

Edited by Kris Mastrangelo

Conducting Your Skilled Nursing Facility Risk Analysis:  Last year, HIPAA privacy, security and breach notification rules were made applicable to healthcare providers, payers and clearinghouses. The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information.

The HIPAA Security Rule now requires all healthcare organizations to conduct a thorough security risk analysis to determine exposures that may lead to the compromise of the confidentiality, integrity or availability of patients' electronic Protected Health Information. A risk assessment helps your organization ensure it is compliant with the HIPAA administrative, physical, and technical safeguards. A risk assessment also helps reveal areas where your organization’s protected health information (PHI) could be at risk.

With this in mind, SNF Administrators are encouraged to conduct a rigorous security risk analysis. Administrators and/or appropriate facility staff can utilize the Office of the National Coordinator for Health Information Technology (ONC) assessment tool to determine risk.  You can find the tool by clicking on the following link: https://www.healthit.gov/providers-professionals/security-risk-assessment-tool

Upon completion of this tool, facilities will be able to determine their risks and put into place an action plan. It should be a common practice among facilities to add this risk assessment to their Compliance Program and regularly repeat the risk assessment as new technologies and advancements develop and enable potential access to Protected Health Information.

PEPPER Analysis  

View Kris Mastrangelo's LinkedIn profileView Kris Mastrangelo's profile

Tags: SNF, Skilled Nursing Facility, EMR, Electronic Medical Record, ePHI, Patient Data

Subscribe to The HHI Blog

Posts by Topic

see all
New Call-to-action

Stay connected!