Health information security is an iterative process driven by enhancements in technology as well as changes to the health care environment. As you adopt new health IT to enhance the quality and efficiency of care in your practice, it is also equally important to reassess your health information security policies. Identifying risks and protecting electronic health information can be challenging for small health care practices. This guide is designed to help your practice prepare for those challenges, effectively assess risks, and develop appropriate security policies to protect electronic health information.
The material in these guides and tools was developed from the experiences of Regional Extension Center staff in the performance of technical support and EHR implementation assistance to primary care providers. The information contained in this guide is not intended to serve as legal advice nor should it substitute for legal counsel. The guide is not exhaustive, and readers are encouraged to seek additional detailed technical guidance to supplement the information contained herein.
Reference in this web site to any specific resources, tools, products, process, service, manufacturer, or company does not constitute its endorsement or recommendation by the U.S. Government or the U.S. Department of Health and Human Services.