WipFli Risk Advisory and Forensic Services Manager Rick Ensenbach presented recently at a Vital Education Series event on the importance of healthcare security.
In a discussion geared towards healthcare professionals and business associates, Ensenbach dove into the world of healthcare security – the threats, the regulations and the risks of not proactively crafting a security policy intended to keep patients’ lives and records safe.
He also presented the top 10 myths of security risk assessment:
- Security risk assessment is optional for small providers.
- Installing a certified EHR fulfills my security risk analysis Meaningful Use requirement.
- My EHR vendor will take care of everything I need to do for security and privacy.
- I have to outsource the security risk assessment. (Note: Expert knowledge may be needed to stand up to an audit.)
- A checklist will suffice for risk assessment.
- There is a specific risk assessment method that I must follow.
- My security risk analysis only needs to look at my EHR.
- I only need to do a risk assessment once.
- Before I attest for an EHR incentive program, I must fully mitigate all risks.
- Each year I have to completely redo my security risk assessment.
Are you a healthcare professional or an associate with healthcare clients? To learn more about healthcare security, contact Jon Heyesen, Director of Business Development, at 218.720.4435.