Partnership
Aris offers Security Risk Analyses for Meaningful Use and HIPAA Audits. We also provide all your HIPAA Policies, Procedures, Documentation, and Training.
HIPAA Security Risk Analysis Renewal – do I really need to do this again?
Did you know that every medical practice and business associate is required under the Security Rule to conduct a HIPAA Risk Analysis at a minimum every three years to determine if their current safeguards still adequately protect the confidentiality, integrity, and availability of Electronic Protected Health Information (ePHI)? As technology continues to change, we must keep up and ensure our data is still protected. Think about every time we must upgrade our computer operating systems because they are no longer supported by Microsoft or Apple. If we choose not to upgrade, our data is at risk for a data breach. As technology changes, so must we!
Annual renewals are recommended, however, if nothing has really changed within your medical practice or business organization you can review what you have in place. Be sure to document this! Keep in mind if you make any major changes or suffer a data breach within your organization, you will be required to conduct a Risk Analysis more frequently.
Use the table below to determine what is best for your organization:
If your organization has:
- Replaced any network servers or computers
- Replaced or added a firewall device or domain controller
- Changed or added any software that contains ePHI
- Changed from premise based to cloud based storage or access to ePHI
- Changed Security Officers
- Had multiple security incidents or a data breach
Then you need to renew your Risk Analysis
If your organization has:
- Not added any new computer hardware or software
- Not replaced or added a firewall or domain controller
- Not changed or added any software that contains ePHI
- Not changed EHR or PM software
- Not changed Security Officers
- Not experience a data breach or repeated security incidents
- and you are still implementing your existing Policies and Procedures
Then you do not need to renew, but may want to consider continued support
Aris Medical Solutions offers three types of HIPAA Risk Analysis Renewals. Pricing is based on the size of your organization and the number of locations. Select the package that is best for your organization:
Maintenance Plan
- Access to your Policies, Procedures, and Documentation as needed through Aris’ online portal
- Ability to update Policies, Procedures, and Documentation as needed
- This includes continued email support
Standard Renewal
- Aris performs your Risk Analysis remotely
- The client will complete an online questionnaire,
- The client will email pictures of the facility “walk through”
- Then Aris creates your Risk Management Plan
- This package includes access to your Privacy and Security Policies, Procedures, and Documentation through Aris’ online portal
- This includes continued email and phone support
Premium Renewal
- Aris performs your Risk Analysis on-site
- Aris will coordinate an onsite visit and complete the questionnaire
- Aris will take the “walk-through” pictures of the facility
- Then Aris creates your Risk Management Plan
- This package includes access to your Privacy and Security Policies, Procedures, and Documentation through Aris’ online portal
- Live Webinar training is included for the entire staff with customized topics
- This includes continued email and phone suppor
Contact us for more information.
Aris protects their clients through Partnership, Education, and Support