• Document Library:
    • Administrative Simplification Compliance Act
    • Business Associate Log
    • Final Employer Identifier Rule
    • Final Guidance
    • Final Privacy Rule
    • Final Privacy Rule Changes 2002
    • Final Security Rule
    • Final TCS Rule
    • Guidance December 3 2002
    • HIPAA Title I Statutory Text
    • Inventory Sheet
    • Job Responsibilities with Respect to PHI
    • NDC Code Repeal NPRM
    • Privacy NPRM Proposed Changes March 2002
    • Proposed Employer Identifier Rule
    • Proposed Privacy Rule
    • Proposed Provider Identifier Rule
    • Proposed Security Rule
    • Risk Analysis Tracking Form
    • Security Incident Form
    • TCS Modifications NPRM
    • Visitors Sign-In Sheet
    • Workforce Log for Physical Security Access
    • Business Associate Agreement
    • HIPAA Ready Reference HCAT
    • Implementing the Security Rule
    • Physical Security for Large Organizations
    • Physical Security for Small Organizations
    • User Training Presentation HCAT
    • Workforce Training Log
  • Complete policies and procedures that are a requirement of HIPAA compliance:
    • Policy: Access to Protected Health Information
    • Policy: Accountability
    • Policy: Assigning Security Responsibilities
    • Policy: Audit
    • Policy: Authentication
    • Policy: Authorization and Termination
    • Policy: Automatic Logoff
    • Policy: Business Associate
    • Policy: Configuration Management
    • Policy: Contingency Plan
    • Policy: Data Backup and Storage
    • Policy: Device and Media Access Control
    • Policy: Document Retention, Availability, and Currency
    • Policy: Documentation Retention, Availability, and Update
    • Policy: Emergency Access Procedure
    • Policy: Encryption
    • Policy: Evaluation
    • Policy: Group Health Plans Documentation Implementation
    • Policy: Implement Policies and Procedures
    • Policy: Information System Activity Review
    • Policy: Integrity
    • Policy: Isolating Health Care Clearinghouse Functions
    • Policy: Login Monitoring
    • Policy: Maintenance Records
    • Policy: Password Management
    • Policy: Personnel Clearance
    • Policy: Physical Access Control
    • Policy: Protection from Malicious Software
    • Policy: Risk Analysis
    • Policy: Risk Management
    • Policy: Sanction
    • Policy: Secure Data Transmission
    • Policy: Security Incident Policy
    • Policy: Supervision
    • Policy: Testing and Revision
    • Policy: Training and Awareness
    • Policy: Unique User Identification
    • Policy: Workstation Use Guidelines
    • Procedure: Business Associate Contracts
    • Procedure: Contingency Planning (Disaster Recovery and Emergency Mode Operations)
    • Procedure: Contingency Planning (Scheduled Backups)
    • Procedure: Contingency Planning - All
    • Procedure: Data Backup and Storage
    • Procedure: Documentation Retention, Availability, and Update
    • Procedure: Group Health Plans Documentation Implementation
    • Procedure: Implement Policies and Procedures
    • Procedure: Information System and Activity Review
    • Procedure: Isolating Health Care Clearinghouse Functions
    • Procedure: Login Monitoring
    • Procedure: Password Management
    • Procedure: Physical Safeguards
    • Procedure: Risk Analysis and Risk Management
    • Procedure: Sanction
    • Procedure: Security Incident Response and Reporting
    • Procedure: Security Official Job Description
    • Procedure: Security Reminders
    • Procedure: Technical Safeguards
    • Procedure: Workforce Security (All)
    • Procedure: Workforce Security (Conducting and maintaining information systems review)
    • Procedure: Workforce Security (Maintaining an employee's access to PHI)
    • Procedure: Workforce Security (Terminating an employee's access to PHI)
    • Procedure: Written Contract or Other Arrangement
  • Complete Institutional policies and procedures that are a requirement of HIPAA compliance:
    • Institutional Policy: Access Controls
    • Institutional Policy: Activity Review of Information System Security
    • Institutional Policy: Assignment and Managment of Information Access Privileges
    • Institutional Policy: Assignment of Facility Access Controls or Privileges
    • Institutional Policy: Assignment of Security Responsibility
    • Institutional Policy: Audit Controls
    • Institutional Policy: Authentication of Person or Entity
    • Institutional Policy: Business Associate Contracts and Other Arrangements
    • Institutional Policy: Contingency Planning: Response to Unexpected Negative Events
    • Institutional Policy: Device and Media Controls
    • Institutional Policy: E-mail and Protected Health Information
    • Institutional Policy: Electronic Transmission Security of PHI
    • Institutional Policy: Evaluation of the Security of Protected Health Information
    • Institutional Policy: Facsimilie Machines and Protected Health Information
    • Institutional Policy: General Guidelines to Safeguard Protected Health Information
    • Institutional Policy: Maintenance of Privacy and Security Policies and Procedures
    • Institutional Policy: Policies and Guidelines on Work Station Use and Security
    • Institutional Policy: Risk Analysis and Ongoing Risk Managment
    • Institutional Policy: Sanctions for Violating Privacy and Security Policies and Procedures
    • Institutional Policy: Security Incident Procedures: Response and Reporting
    • Institutional Policy: Termination or Modification of Access to Protected Health Information: Facility Controls and Electonic Systems
    • Institutional Policy: Training Program - Security Awareness and Training
    • Institutional Procedure: Activity Review of Information System Security
    • Institutional Procedure: Assignment and Managment of Information Access Privileges
    • Institutional Procedure: Assignment of Security Responsibility
    • Institutional Procedure: Business Associate Contracts and Other Arrangements
    • Institutional Procedure: Contingency Planning: Response to Unexpected Negative
    • Institutional Procedure: Evaluation of the Security of Protected Health Information
    • Institutional Procedure: Facsimilie Machines and Protected Health Information
    • Institutional Procedure: Maintenance of Privacy and Security Policies and Procedures
    • Institutional Procedure: Risk Analysis and Ongoing Risk Managment
    • Institutional Procedure: Sanctions for Violating Privacy and Security Policies and Procedures
    • Institutional Procedure: Security Incident Procedures: Response and Reporting
    • Institutional Procedure: Termination or Modification of Access to Protected Health Information: Facility Controls and Electonic Systems
    • Institutional Procedure: Training Program - Security Awareness and Training
    • Institutional Procedure: General Guidelines to Safeguard Protected Health Information
    • Institutional: Procedure: Access Controls
    • Institutional: Procedure: Assignment of Facility Access Controls or Privileges
    • Institutional: Procedure: Audit Controls
    • Institutional: Procedure: Authentication of Person or Entity
    • Institutional: Procedure: Device and Media Controls
    • Institutional: Procedure: E-mail and Protected Health Information
    • Institutional: Procedure: Electronic Tranmission Security of PHI
    • Institutional: Procedure: Policies and Guidelines on Work Station Use and Security

Close Window