Providers Attesting to Their Compliance With Meaningful Use Need to Ensure That They Truly Protected Their Electronic Health Information

By Gabriel Imperato and Paul R. DeMuro

Providers are starting to get notices from the government that they have not met the Meaningful Use requirement with respect to protecting electronic health information. They have attested that they have and thus, stated that they have conducted and reviewed a security risk analysis implementing security updates as need to meet this Meaningful Use Core Measure, but have they? Having attested to doing so, if they do not meet the requirement, the government has taken the position that such providers have improperly sought and received government monies, which results in false claims liability.

Eligible Professionals (EP) must conduct or review a security analysis of their certified EHR technology (CEHRT), including addressing encryption/security of data, and implement updates as necessary at least once prior to the end of the EHR reporting period. A new review has to occur for each reporting period. If EPs have attested to this conductand review, and have not properly done so, they may be subject to recoupment of payments for Meaningful Use and a reimbursement adjustment, depending upon their particular situation.

To continue reading, please visit South Florida Hospital News and Healthcare Report

This entry was posted in Compliance, Gabriel Imperato, Paul DeMuro and tagged , , , , , , , , , . Bookmark the permalink.