What is required for MIPS?

An annual Security Risk Analysis is required annually for MIPS. Some EHRs are also requesting that you complete a risk assessment from HEALTHIT.gov. This is in addition to your HIPAA Security Risk Analysis.

Simply go to your dashboard and click “Update Risk Analysis”. If you have not generated a “Documents Package” within 90 days, one will be automatically created for you. Since this is a large package, it may take a few moments. Once the documents package has been created, you may click continue. This will clear your Questionnaire in Step 1 so you may update your Risk Analysis. Once you complete the questionnaire, please email support@arismedicalsolutions.com so one of our security analysts can review and make recommendations. After the analyst has completed the review, you will receive an email requesting that you approve the Risk Management Plan. This is what you will download and submit for MIPS.

NOTE: It is recommended to create a document package each time you make changes in the system to document your ongoing compliance efforts.


There are two ways to download your Risk Management Plan.

Option One:

Go to Step 1, 

Click on the Security Risk Analysis & Risk Management link,

Click on Review & Approve,

Once the Risk Management Plan loads (may take a few moments since it is a large file), using the outside scroll bar, scroll to the bottom and click download.

Option Two:

Download the zip file with all of your documents:

From your dashboard,

Scroll down and on the left look for "Download Documents"

On the right you will see the list of packages that have been generated.

Once you click the Download icon, this will create a Zip file.

Most of the time these files are directed to your “Downloads” folder in your Windows Explorer Directory unless your IT vendor has directed the download to a server or elsewhere.

Once you locate your file, simply right click on the folder and select Extract All.

All of your files will unzip.

Go to Step 1. This is where your Risk Management Plan is located.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to add to the Uploads Tab?

This is where you may upload reports you receive from your IT vendors, OIG (Office of Inspector...

What are audit logs and why do I need them?

Audit logs are sometimes called access logs. They are located in a variety of places, depending...

What type of reports do I need from my IT vendor?

Monthly reports from your IT company will depend on the system they use. Here are some examples...

How to access the HIPAA compliance system?

Instructions on log-in and profile Each time you log-in, you will be taken to the billing side...

How to add the inventory list?

Inventory tab is located on your Profile page. You will have a choice of entering the...