HCAT Professional HIPAA Documents

Everything needed to complete a HIPAA security compliance program is included.

HIPAA Forms, Logs and Templates Included with HCAT™ Professional:

  • Business Associate Agreement Template

    •     - A sample agreement template to use with Business Associates.
  • Business Associate Log

    •     - A log form to help track your business associates and the status of their agreements.
  • EPHI Inventory Form

    •     - Electronic Protected Health Inventory form
  • Hardware and Software Inventory Form

    •     - Used during your risk analysis to record your hardware and software inventory.
  • Job Responsibilities with Respect to PHI Form

    •     - Another inventory form that is used to indicate members of your workforce and the ePHI they access.
  • Risk Analysis Tracking Form

    •     - An excellent form template to use in conjunction with the risk analysis;
  • Security Incident Log Form

    •     - A sample Log form to use to track security violations or incidents.
  • Visitors Sign-In Sheet Log Form

    •     - A sample form to use to log visitors to your organization.
  • Workforce Physical Security Access Log Form

    •     - A sample form to use to identify and track physical entry access by workforce.
  • HIPAA Ready Reference wall-chart Template

    •     - An easy to use template that can help personnel understand what kinds of HIPAA responses are needed.

HIPAA Training Documents Included with HCAT™ Professional:

  • Physical Security for Large Organizations Guide

    •     - An excellent guide on implementing and maintaining physical security for larger organizations.
  • Physical Security for Small Organizations Guide

    •     - An excellent guide on implementing and maintaining physical security for smaller organizations.
  • Employee Training Presentation

    •     - A training presentation that can be customized for your organization’s internal training programs.
  • Risk Analysis Training

    •     - A brief overview for performing your Risk Analysis.
  • Workforce Training Log

    •     - A sample log to document workforce training.

Complete Policy and Procedure Templates requirement for HIPAA Compliance Included with HCAT™ Professional:

  • Policy: Access to Protected Health Information
  • Policy: Accountability
  • Policy: Assigning Security Responsibilities
  • Policy: Audit
  • Policy: Authentication
  • Policy: Authorization and Termination
  • Policy: Automatic Logoff
  • Policy: Business Associate
  • Policy: Configuration Management
  • Policy: Contingency Plan
  • Policy: Data Backup and Storage
  • Policy: Device and Media Access Control
  • Policy: Document Retention, Availability, and Currency
  • Policy: Documentation Retention, Availability, and Update
  • Policy: Emergency Access Procedure
  • Policy: Encryption
  • Policy: Evaluation
  • Policy: Group Health Plans Documentation Implementation
  • Policy: Implement Policies and Procedures
  • Policy: Information System Activity Review
  • Policy: Integrity
  • Policy: Isolating Health Care Clearinghouse Functions
  • Policy: Login Monitoring
  • Policy: Maintenance Records
  • Policy: Password Management
  • Policy: Personnel Clearance
  • Policy: Physical Access Control
  • Policy: Protection from Malicious Software
  • Policy: Risk Analysis
  • Policy: Risk Management
  • Policy: Sanction
  • Policy: Secure Data Transmission
  • Policy: Security Incident Policy
  • Policy: Supervision
  • Policy: Testing and Revision
  • Policy: Training and Awareness
  • Policy: Unique User Identification
  • Policy: Workstation Use Guidelines
  • Procedure: Business Associate Contracts
  • Procedure: Contingency Planning (Disaster Recovery and Emergency Mode Operations)
  • Procedure: Contingency Planning (Scheduled Backups)
  • Procedure: Contingency Planning - All
  • Procedure: Data Backup and Storage
  • Procedure: Documentation Retention, Availability, and Update
  • Procedure: Group Health Plans Documentation Implementation
  • Procedure: Implement Policies and Procedures
  • Procedure: Information System and Activity Review
  • Procedure: Isolating Health Care Clearinghouse Functions
  • Procedure: Login Monitoring
  • Procedure: Password Management
  • Procedure: Physical Safeguards
  • Procedure: Risk Analysis and Risk Management
  • Procedure: Sanction
  • Procedure: Security Incident Response and Reporting
  • Procedure: Security Official Job Description
  • Procedure: Security Reminders
  • Procedure: Technical Safeguards
  • Procedure: Workforce Security (All)
  • Procedure: Workforce Security (Conducting and maintaining information systems review)
  • Procedure: Workforce Security (Maintaining an employee's access to PHI)
  • Procedure: Workforce Security (Terminating an employee's access to PHI)
  • Procedure: Written Contract or Other Arrangement

Reference Documents Included with HCAT™ Professional:

  • Final Security Rule

    •     - The final HIPAA security rule as published in the Federal Register.
  • Final Privacy Rule

    •     - The final HIPAA privacy rule as published in the Federal Register.
  • Final Privacy Rule Changes 2002

    •     - Changes that were made to the final rule that took effect in August 2002.
  • Privacy NPRM Proposed Changes March 2002

    •     - Notice of Proposed Rule making to the HIPAA privacy rule that took effect in August 2002.
  • HIPAA Title I Statutory Text

    •     - The text of the actual HIPAA law first enacted in 1996.