Security Risk Analysis | MIPS ACI Measures for 2018 Reporting

For use with CEHRT certified to the 2015 edition.

Measure Description

Conduct or review a security risk analysis in accordance with the requirements in 45 CFR 164.308(a)(1), including addressing the security (to include encryption) of ePHI data created or maintained by certified electronic health record technology (CEHRT) in accordance with requirements in 45 CFR 164.312(a)(2)(iv) and 45 CFR 164.306(d)(3), implement security updates as necessary, and correct identified security deficiencies as part of the MIPS eligible clinician’s risk management process.

Measure ID Objective Required for Base Score? Percentage of Performance Score
ACI_PPHI_1 Protect Patient Health Information Yes 0%

Reporting Requirements

To meet this measure, MIPS eligible clinicians must attest YES to conducting or reviewing a security risk analysis and implementing security updates as necessary and correcting identified security deficiencies.

Definition of Terms & Additional Information

Stay up to date with the latest news regarding MACRA and MIPS.

The Healthmonix Advisor is a free weekly news source, connecting you to the latest updates in the value-based care industry.