CynergisTek’s Promoting Interoperability (formerly Meaningful Use) Security Controls Assessment was designed to address the risk analysis requirement for the in scope CEHRT and will provide a deliverable that can be used to support the attestation process. To gather data for the assessment CynergisTek will conduct interviews and working sessions with key stakeholders as part of an independent verification and validation of each of the security controls associated with the CEHRT. Interviews and working sessions will focus on the demonstration of compliance that each functionality exists, is enabled, performs properly, and that there is a documented process around it to ensure its use. Risk ratings will be assessed and provided for any gaps. This analysis takes into account the likelihood and impacts of applicable threats and vulnerabilities based on the level of control identified during this assessment.