13. Protect Electronic Health Information

Measure Criteria

Objective: Protect electronic health information created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities.

Measure: Conduct or review a security risk analysis in accordance with the requirements under 45 CFR 164.308(a)(1) and implement security updates as necessary and correct identified security deficiencies as part of its risk management process.

Exclusion: No exclusion.

Measure Calculations

YES / NO ATTESTATION:

Eligible professionals (EPs) must attest YES to having conducted or reviewed a security risk analysis in accordance with the requirements under 45 CFR 164.308(a)(1) and implemented security updates as necessary and corrected identified security deficiencies prior to or during the EHR reporting period to meet this measure.

CMS Resources

For more detailed information on this measure, please click on the reference link below. This CMS documentation includes information on exclusions, attestation requirements, a definition of terms, and important additional information.

Reference CMS: Protect Electronic Health Information

SOAPware Meaningful Use 2014 Resource Center

Please contact our Training Department to obtain access to our Meaningful Use 2014 Resource Center that includes SOAPware's comprehensive step-by-step Meaningful Use 2014 Roadmaps and Clinical Quality Measures Roadmap, along with other helpful resources. To request access to our Meaningful Use 2014 Resource Center, please contact our Training Department by submitting at ticket: Training Ticket.