1. Security Risk Assessment for HIPAA/MIPS Compliance

A detailed Risk Assessment is required under the HIPAA Security Rule. The Security Management Process standard in the Security Rule requires organizations to “implement policies and procedures to prevent, detect, contain, and correct security violations.”  (45 C.F.R. § 164.308(a) (1).)  Risk analysis is one of four required implementation specifications that provide instructions to implement the Security Management Process standard.  Section 164.308(a) (1) (ii) (A) states:               

Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronically protected health information (ePHI) held by the [organization]. MRS, LLC will perform an administrative, physical, and technical assessment against the HIPAA Security Regulations.  The Risk Assessment follows the methodology described in NIST Special Publication (SP) 800-30. The Health Insurance Portability and Accountability Act (HIPAA) was enacted to protect the privacy and security of patient information.  It is a healthcare organization’s responsibility to implement safeguards that ensure patient information is properly protected. MRS, LLC has utilized software to help healthcare organizations identify and implement the proper safeguards to protect patient data and to comply with HIPAA regulations. It is a software analytics engine and database, based in the cloud for access anywhere, anytime.  MRS  records analyze and stores the data for ongoing compliance. The final output generates of the following components:

1. A Detailed HIPAA Security Risk Assessment, including detailed and summary reports and a work plan moving forward to correct any identified gaps.

2.  Creation of 18 custom HIPAA Security Policies and Procedures

3. Online training covering Security and Privacy, and compliance testing to all employees with periodic updates

4. Security Incident Tracking details and log

5. Access to the HIPAA Compliance Portal (12 months)

6. Professional assistance from experienced staff only a phone call away

7. Compliance for Objective 1 under MACRA /MIPS

2. MIPS Consulting Services

bridging the gap...

Medical Record Services has a toolset of products and services that enable the eligible provider to earn their Incentive Payment (if eligible), avoid penalties and stay in compliance.

We can help you with any of the following issues:

• Customized needs analysis, project plan, milestones, timelines - with measurable goals and objectives, periodic updates, and reports
• Remote and Onsite support…. Web-based educational sessions
• Registration into the Federal Identity and Access management system
• Registration into the Federal Quality Payment Program
• Registration into the State Medicaid system (if applicable)
• Regularly scheduled dashboard reviews through a combination of conference calls and webinars
• Identify, troubleshoot and aid in the redesign of office workflow
• MACRA MIPS
  • Enrollment and registration with different registry's available.
  • Attestation 
  • Audit Preparation and documentation
  • Training and Compliance
  • Vendor functionality troubleshooting
• Periodic Newsletters and updates
• Access to a complete list of guidelines, resources, tools, and tip sheets.
• Connection to the statewide Health Information Exchange in many states
• Connection to statewide Immunization Registries
• Connection to Specialized Registries- where applicable
• Security Risk Analysis - including hundreds of pages of detailed reports, online staff training, and a work plan moving forward. Click here for more specifics on SRA
• Audit Representation.

We are here to help!

We make MIPS  and HIPAA compliance understandable and easier...

We have successfully guided providers, of all specialties, through the attestation process. We have worked with more than four dozen EMR vendors over the past 10 years, and successfully defended over 100 MU and MIPS audits to date.

We are product-neutral and can work with any ONC Certified vendor to help you achieve MIPS success.

How Can We Simplify the Attestation Process?

Navigating through the complex MIPS attestation process can be daunting, overwhelming, and frustrating. Medical Record Services is a consulting service that gives you the power of our attestation expertise. We identify and then eliminate barriers that can prevent you from successful attestation of MIPS. Our objective is to maximize your incentive payments, or at a very minimum to avoid any penalties. MIPS Compliance is available to all specialties, on any ONC-certified system. 

Schedule a free 15 minute call to see if we can help. Click here to set up a time to talk.