Many healthcare organizations, like yours, are eligible for monetary compensation from the U.S. government. Running a practice is important, expensive work, and you deserve the federal dollars that you qualify for.
The Medicare and Medicaid Electronic Healthcare Record (EHR) Incentive Program pays up to ,000 to healthcare organizations that can demonstrate meaningful use of certified EHR technology. If you participate in the EHR Incentive Program, you must send in your Security Risk Assessment no later than December 31, 2014. This assessment ensures that your healthcare organization is compliant with HIPAA’s administrative, physical, and technical safeguards. It also confirms that your Protected Health Information (PHI) is secure.
A Secure Risk Assessment is required to satisfy Core Objective 15 of Stage 1 in the EHR Incentive Program, and Core Objective 9 of Stage 2. These objectives must be met in order for medical practices, like yours, to continue receiving funding from the program.
Unfortunately, this Assessment is sometimes ignored because the forms aren’t provided through EHR software like other objectives. One out of five payments made to healthcare facilities though the EHR Inventive Program are audited because no Security Risk Assessment was filed. And if you fail this audit, you must pay back your incentives. This could be as much as $10,000 per physician (note: not per practice) per annum!
Unless you want to give back tens of thousands of dollars, make sure you complete and send in your Security Risk Assessment form by December 31st.
Want to learn more about the Security Risk Assessment deadline, or other details about the EHR Incentive Program? Contact at or and we’ll be happy to answer your questions.