Meaningful Use

Is your organization adopting Meaningful Use, either to gain incentive payouts or to avoid penalties? You’re not alone. A majority of healthcare providers plan to either implement electronic health records, or take a closer look at existing systems to apply for compliance in the immediate future.

A key part of meeting the Meaningful Use compliance requirement is conducting a risk assessment. There is considerable confusion in the market regarding how this should be conducted, but at the core it is a revival of the original HIPAA rules regarding security.

By conducting an analysis that covers several core areas, and gaining a comprehensive understanding of how and where your electronic health information is used and stored, you can begin to build a stronger risk posture and avoid fines and penalties.

Covered entities subject to the meaningful use requirements

  • Eligible Hospitals
  • Critical Access Hospitals (CAH)
  • Eligible Professionals

Meaningful Use Risk Analysis

Dell SecureWorks’ Meaningful Use Risk Analysis is a risk assessment that is scoped specifically to satisfy the Meaningful Use core security objective. The benefits to this assessment are multi-fold, as Dell SecureWorks provides the following:

  • Understanding of the organization’s risk posture and security deficiencies
  • Clear documentation of risk points
  • Satisfaction of compliance auditors and Meaningful Use attestation requirements (security core measure)
  • Expert consultation to correct security deficiencies
  • Enabling the organization to detect, respond to, and minimize future critical threats

The Meaningful Use Risk Analysis is summarized below:

 Standard  Summary of Requirements  Solutions
Measure 14 (15 for eligible professionals) –
45 CFR § 164.308(a)(1)(ii)(A)

Assess the “potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity.”

  • Conduct a security risk analysis
  • Update the assessment annually
  • Correct any identified security deficiencies

A comprehensive risk analysis covering 9 core deliverables:

  1. e-PHI Identification
  2. Documentation
  3. Identify Threats and Vulnerabilities
  4. Control Analysis
  5. Likelihood Determination
  6. Impact Analysis
  7. Risk Determination
  8. Control Recommendations
  9. Document Results



  • Meaningful Use and Data Security: Meeting the Measure


  • Meaningful Use: A Discussion


Next Steps

Contact Us Call Us Today
(877) 838-7947
UK +44 131 260 3044



Online Tools

  • Print this Page
  • Share This Resource

By completing this form you'll be opting in to receiving future communications about products and services from Dell SecureWorks.