Originally Posted by ryanjo
Originally Posted by Indy
I have to wonder if each practice wouldn't be better off ... exiting government payer plans

I agree with you totally, being free of government nitpicking would be marvelous. However, everyone should be aware that data security, including have a practice security plan, isn't optional whether you participate in Medicare/aid or not, meaningful use or not, or even whether you use an EMR. The Office for Civil Rights states the provisions of the HIPAA Security Rule apply to any person or organization that has access to patient data.

I may not have been clear; I am not dismissing the need for a security plan, rather what is driving the plan generation. Most enterprises that I have worked with had more stringent requirements than the relevant governmental regs, but the plan were crafted based on the use cases of the organization.

Having dealt with special weapons security, I have actually seen more stringent controls at a certain F500 data center.

Indy
"Boss"

Indy's Blog

www.BestForYourPractice.com
Our Name is Our Creed