RA for MU and Continuous Monitoring. IT Security Requirements Under the HITECH Act. Lisa Broome, RPMS ISSO. Agenda. Introduction Threat Identification Vulnerability Identification Control Analysis Risk Mitigation HIPAA Questions?.
IT Security Requirements Under the HITECH Act
Lisa Broome, RPMSISSO
Meaningful use criteria and certification
standards are tools to promote health IT
Privacy and security are incorporated to
address risks associated with increasing information
sharing, access and use.
IT security is the foundation to build TRUST in health information technology & electronic information exchange.Risk Analysis for MU and Continuous Monitoring
HITECH Act Requirements
45 CFR 164.308(a)(1)
Resources and Information
Implemented Across IHS Federal/Tribal/Urban Facilities in August 2009
Focus on HighRisks by Area
Reporting to HHS
Part of the QuarterlyReport to the HHS Secretary
Other vulnerability tests run by OIT/DIS
(While it technically needed to meet the standard, facilities will NOT be
required to utilize 2-factor under Stage 1.