The very last component of achieving meaningful use of EHRs is to “Conduct or review a security risk analysis … and implement security updates as necessary and correct identified security deficiencies as part of its risk management process.” There are three elements in that sentence, each required to achieve meaningful use: