How to add to the Uploads Tab?

This is where you may upload reports you receive from your IT vendors, OIG (Office of Inspector General) exclusion lists, security incidents, non-employee agreements, and miscellaneous documents you want to store for future HIPAA requirements. 

Once you click on the Upload tab from your Profile page, select what type of documentation you are uploading. Select the file from your computer to upload.

NOTE: When naming your files BEFORE you upload load them, we suggest starting each file with a date.

For example: 2022 Jan IT summary report

010122 OIG Smith Mary New hire or 060122 OIG Annual report

021522 Security Incident - malware found

031522 Non-Employee - Cleaning company agreement


IT Vendors:

Request monthly reports from your IT company. Depending on the system they use, these reports will vary. Such as:

Access logs (if they provide this service)

Asset management summary

Device health report

Network audit report

Software list


OIG Exclusions list:

It is very important to make sure you do not hire anyone that has committed Medicare or Medicaid fraud or been convicted of elder abuse. Be sure to check this list before you hire new employees.

  • The database only includes the name known to OIG at the time the individual was excluded, any former names used by the individual (e.g., maiden name, previous married name, etc.) should be searched in addition to the individual's current name.
  • An individual with a hyphenated name should be checked under each of the last names in the hyphenated name (e.g., Jane Smith-Jones should be checked under Jane Smith and Jane Jones, in addition to Jane Smith-Jones).
  • If checking only a few names, use the Online Searchable Database to search up to five names at once.
  • If checking many names, consider downloading the Downloadable Database into a spreadsheet or database program. This will enable the user to use that program's search functions to crosscheck the names against the thousands of names on the LEIE. Verify the correct spelling of any names before starting a search.
  • For a potential match, verify the results by entering the SSN for an individual or EIN for an entity on the Online Searchable Database. (Note: The Privacy Act prohibits the distribution of SSNs so they cannot be included in the Downloadable Database).


The OIG would like to you check this list monthly, but that is very difficult to keep up with. We recommend checking it annually for all employees. With that said, if you have an employee that is acting strange or is having financial difficulties, it is suggested to check this list more often.

To document your efforts, use the “Print Screen” button on your keyboard, then “paste” into a Word Document. When saving we recommend using a consistent format as listed above.


Security Incidents:

If you were to experience a security incident, these should be documented utilizing the Security Incident Form under Step 2. Examples of incidents are a lost or stolen device, malware, unusual activity in your network, suspected data breach or confirmed breach. Again, using the date format mentioned above, this will keep your documentation in chronological order.


Non-employee agreements:

When you hire a cleaning company or an intern, you should consider requiring them to sign a confidentiality agreement for a non-employee so they understand their requirements.


Miscellaneous documents:

Any other supporting documentation that could assist in on-going compliance efforts may be uploaded here. Be sure to name the files accordingly.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What are audit logs and why do I need them?

Audit logs are sometimes called access logs. They are located in a variety of places, depending...

What type of reports do I need from my IT vendor?

Monthly reports from your IT company will depend on the system they use. Here are some examples...

How to access the HIPAA compliance system?

Instructions on log-in and profile Each time you log-in, you will be taken to the billing side...

How to add the inventory list?

Inventory tab is located on your Profile page. You will have a choice of entering the...

How to change or reset my password?

The Aris 7-Step administrator can change or reset their password by clicking on the "Forgot...