MOUNTAIN VIEW, CA – Symantec has introduced the new Allscripts Privacy & Security Risk Assessment. The tool automates the paper-based process of assessing a medical practice’s privacy and security risks and is designed to help physicians qualify for federal incentives for EHR adoption.
Physicians applying for Medicare and Medicaid incentives under ARRA must demonstrate that their practices meet the security requirements under the meaningful use Stage 1 criteria and conduct a privacy and security risk analysis under HIPAA guidelines.
[See also: Privacy concerns accompany push for EMRs.]
“Symantec is very committed to the healthcare industry and we understand the unique needs around protecting patient information,” said Doug Havas, vice president, Symantec Healthcare. “By combining Symantec’s rich expertise in security and privacy with the healthcare expertise of Allscripts, the market leader in electronic health records, we’ve developed a simplified way for physicians to demonstrate that they meet the security requirements of HIPAA and help to qualify for substantial incentive payments from Medicare or Medicaid. The solution also represents a critical step in identifying pain points and mitigating risks so practices can maximize their data security.”
Allscripts Privacy & Security Risk Assessment provides a single place to complete the review of administrative, technical and physical safeguards as defined by HIPAA. Offered as a Web-based application, no downloading or new hardware is required. The online tool also produces comprehensive reports immediately upon the practice completing the assessment, including identifying potential gaps and providing recommendations for complying with HIPAA rules and HITECH. Vendor and application independent, it is applicable for any EHR.
[See also: Symantec enters the healthcare IT market.]
“Right now, physician practices can either perform the HIPAA risk assessment themselves or hire an onsite consultant to do the analysis,” said Allscripts President Lee Shapiro. “By working with Symantec, we can now greatly simplify the risk assessment process for those practices that are looking for an alternative to doing it on their own.”
The Allscripts Privacy & Security Risk Assessment uses standard Web-hosted technology to make the assessment process simple and easy to complete. Features of the offering also include:
- A one-stop place to complete HIPAA defined assessment of administrative, technical and physical safeguards
- Automated reporting and gap analysis with recommendations for improvements
- Subscription based model that accommodates the needs and financial parameters of single providers, multiple locations and enterprise customers
- Annual collection and verification of assessment data
- Automatic assessment and audit log
- Graphical and administrative views of assessment results
- Documentation that a privacy and security risk assessment has been performed in accordance with HITECH and HIPAA
“Using this solution is very easy," said Alexander Laham, corporate compliance and privacy officer at Springfield Medical Care Systems in Vermont. "A critical evaluation that would normally take significant time and resources has been simplified into an easy, user-friendly, step-by-step process. We will certainly be using this tool on a regular basis, not just once a year, to gauge our improvement over time and help ensure that our systems are secure and compliant.”
