HIPAA Security Risk Analysis – why do I need this?

Doctor green shirt conference tableDid you know that every medical practice and business associate is required to conduct a Risk Analysis to determine if their current safeguards adequately protect the confidentiality, integrity, and availability of Electronic Protected Health Information (ePHI)? Even though it is required under the Security Rule you have a responsibility to safeguard the personal information that patients have given you. It just makes sense to protect your data and therefore protect your organization.

  • Do you have someone on staff that fully understands the Security Rule?
  • Does your Security Officer understand the technology requirements?
  • Do you know how to create a Risk Evaluation and Risk Management Plan from your Risk Analysis?

We offer comprehensive packages from the Do-it-Yourself for those organizations that have a knowledgable staff member, a remote Risk Analysis to help you save some money, to a full onsite Risk Analysis.
Aris offers three types of HIPAA Security Risk Analyses. Pricing is based on the size of your organization and the number of locations. Select the package that is best for your organization:

Basic Plan


For those organizations that have already conducted a HIPAA Security Risk Analysis and need to implement policies and procedures:

  • Privacy Policies, Procedures, and Documentation templates, including your Notice of Privacy Practices
  • Security Policies, Procedures, and Documentation templates, including Business Associate Agreements
  • Breach Notification Plan
  • Contingency Plan worksheet
  • Do-it-yourself HIPAA Training

Standard Plan


Aris will perform your Risk Analysis remotely. The client will complete an online questionnaire and email a set of  “walk-through” pictures.

  • Risk Analysis and Evaluation
  • Risk Management Plan
  • The Risk Analysis is reviewed  in an online meeting
  • Calendar of Events to ensure you implement your package
  • Privacy Policies, Procedures, and Documentation templates, including your Notice of Privacy Practices
  • Security Policies, Procedures, and Documentation templates, including Business Associate Agreements
  • Breach Notification Plan
  • Contingency Plan worksheet
  • Do-it-yourself HIPAA Training
  • Monthly Security Reminders.
  • One year of email support.

Premium Plan


Aris will perform your Risk Analysis onsite.

  • Aris will complete the questionnaire
  • Take the “walk through” pictures.
  • Aris then creates the Risk Analysis and Evaluation
  • Risk Management Plan.
  • The Risk Analysis is then reviewed  in an online meeting.
  • Calendar of Events to ensure you implement your package
  • Privacy Policies, Procedures, and Documentation templates, including your Notice of Privacy Practices
  • Security Policies, Procedures, and Documentation templates, including Business Associate Agreement
  • Breach Notification Plan
  • Contingency Plan worksheet
  • Annual HIPAA training is performed via a live Webinar that is customized to the organization.
  • Monthly Security Reminders.
  • One year of email and phone support.

Contact us for more information.
All HIPAA Risk Analysis packages are complete with Privacy and Security Policies, Procedures, and Forms. Whether you implement them yourself or let us do the heavy lifting, we are your one stop HIPAA solution!

Aris protects their clients through Partnership, Education, and Support!