Harmony Healthcare International (HHI) Blog

Conducting Your Skilled Nursing Facility Risk Analysis

Share: 

Conducting Your Skilled Nursing Facility Risk Analysis:  Last year, HIPAA privacy, security and breach notification rules were made applicable to healthcare providers, payers and clearinghouses. The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information.

The HIPAA Security Rule now requires all healthcare organizations to conduct a thorough security risk analysis to determine exposures that may lead to the compromise of the confidentiality, integrity or availability of patients' electronic Protected Health Information. A risk assessment helps your organization ensure it is compliant with the HIPAA administrative, physical, and technical safeguards. A risk assessment also helps reveal areas where your organization’s protected health information (PHI) could be at risk.

With this in mind, SNF Administrators are encouraged to conduct a rigorous security risk analysis. Administrators and/or appropriate facility staff can utilize the Office of the National Coordinator for Health Information Technology (ONC) assessment tool to determine risk.  You can find the tool by clicking on the following link: https://www.healthit.gov/providers-professionals/security-risk-assessment-tool

Upon completion of this tool, facilities will be able to determine their risks and put into place an action plan. It should be a common practice among facilities to add this risk assessment to their Compliance Program and regularly repeat the risk assessment as new technologies and advancements develop and enable potential access to Protected Health Information.

PEPPER Analysis  

View Kris Mastrangelo's LinkedIn profileView Kris Mastrangelo's profile

Topics: SNF, Skilled Nursing Facility, EMR, Electronic Medical Record, ePHI, Patient Data


Kris Mastrangelo, OTR/L, LNHA, MBA

WRITTEN BY

Kris Mastrangelo, OTR/L, LNHA, MBA
Follow: 

Data collection is the foundation for monitoring progress, but, in itself is a daunting task


Get your FREE PDPM Revenue Analysis

Start Here

Get Expert Tips in your inbox

Subscribe to our newsletter

Latest Blog Posts

PDPM, Isolation, Quarantine, Skilling, COVID-19, and ICD-10

Read Full Post

QAPI: Survey Plan of Correction (Part 3)

Read Full Post

QAPI Five Elements of a Successful Program (Part 2)

Read Full Post

PDPM, Isolation, Quarantine, Skilling, COVID-19, and ICD-10

Read Full Post

QAPI: Survey Plan of Correction (Part 3)

Read Full Post

PDPM, Isolation, Quarantine, Skilling, COVID-19, and ICD-10

Read Full Post

QAPI: Survey Plan of Correction (Part 3)

Read Full Post