EHR Vendor Profiles

Highlighted resources from the HITEQ Center

Profiles for EHR vendors are provided as a resource to health centers looking for EHR documentation, support services, and peer groups.

Access Vendor Profiles

Need Assistance?

Would you like more assistance regarding EHR Selection and Contracting strategies or support in using any of the included resource sets?

Request Support

Upcoming Events

Clinical Quality Measures 101-- Readiness for Value Based Care and Patient-Level Data Reporting (4/23/2024 12:00 PM - 1:00 PM (UTC-05:00) Eastern Time (US & Canada))
HITEQ On the Horizon Series (5/2/2024 12:00 PM - 1:00 PM (UTC-05:00) Eastern Time (US & Canada))
HITEQ On the Horizon Series (5/16/2024 12:00 PM - 1:00 PM (UTC-05:00) Eastern Time (US & Canada))

The Quadruple Aim

: A Conceptual Framework
Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim
Learn More >

Overview

This section contains resources that help health centers to successfully implement EHRs, including leadership teams needed, workflow adoption, transitioning between EHRs, meaningful use, and patient safety issues.

Implementing EHR

Health Center Security & Compliance System Implementation Guide

Adam Kehler (OBS) & Nathan Botts (HITEQ) / Thursday, January 31, 2019

/ Categories: EHR Selection and Implementation, EHR Implementation, Privacy and Security, Privacy & Security Best Practices, Security Risk Analysis

Health Center Security & Compliance System Implementation Guide

January 2019

There are ever-increasing cybersecurity guidelines and protection measures that Health Centers must navigate and digest. Newer and rurally located Health Centers can especially benefit from guidance and decision support that assists them in determining how to implement systems in a manner that meets compliance requirements and doesn’t expose information to undue security risk. Identifying and managing these types of risk can be especially important when procuring new Health IT (e.g. EHRs, Medical Devices, Data Warehouses) for the Health Center. This toolkit provides a framework for Health Centers to evaluate compliance and security concerns as they purchase, adopt, and implement technology solutions.

Every time a Health Center adopts and implements newly procured technology, they could be exposing themselves to compliance gaps and security risks. Often these topics are addressed after the solution is implemented and are an after-thought. Unfortunately, the later in the adoption process that security is considered, the costlier it becomes to address as it may require redesign or reconfiguration of software, systems, and processes.

Especially important for covered entities, like Health Centers, is for this process to meet the regulations outlined within HIPAA. Throughout this document, the related HIPAA requirements are highlighted within each section so as to better understand where this process sits within broader security risk assessment (SRA) practices. In the Appendix of this guide is an EHR/Health IT Systems checklist that can be used as an implementation interview guide when procuring new resources.

This guide can help organizations identify security concerns and design the appropriate solution starting at the design and vendor-selection phase, thereby increasing the likelihood that security will be considered fully throughout the implementation process.

Download the full toolkit below, which includes the following sections:

System overview
Information classification and inventory
Business Associate Agreements and Contracts
Risk Analysis
Identity management
Encryption
Auditing and logging
Contingency planning
Workstation requirements
Patching
Security testing
Vendor and developer access
Physical security
Network segmentation

Print

6485

Intended Audience

Health Center IT Staff and Leadership

Documents to download

Health Center Critical IT Security Compliance Procurement Guide(.pdf, 610.78 KB) - 332 download(s)
Created by HITEQ in January 2019

Acknowledgements

This resource collection was compiled by the HITEQ Center staff with guidance from HITEQ Advisory Committee members and collaborators of the HITEQ Center.