top of page

MIPS Risk Analysis

Merit-Based Incentive Payment System (MIPS) Protect Patient Health Information

MIPS Risk Analysis

The Merit-Based Incemtive Payment System, or MIPS, requires eligible clinicians or organizations to attest YES to conducting or reviewing a security risk analysis and implementing security updates as necessary and correcting identified security deficiencies.


Conduct or review a security risk analysis in accordance with the requirements in 45 CFR 164.308(a)(1), including addressing the security (to include encryption) of ePHI data created or maintained by certified electronic health record technology (CEHRT) in accordance with requirements in 45 CFR 164.312(a)(2)(iv) and 45 CFR 164.306(d)(3), implement security updates as necessary, and correct identified security deficiencies as part of the MIPS eligible clinician’s risk management process.

RISC can assist you in assessing your risk, documenting it, and developing remediation measures to reduce risk. These activities will enable you to attest "Yes" to PI_PPHI_1. Contact us today to find out how.

Contact RISC Management today to discover how we can help you!

bottom of page