PRIVACY POLICIES AND FORMS FOR BUSINESS ASSOCIATES




PRIVACY POLICIES AND FORMS FOR BUSINESS ASSOCIATES

TABLE OF CONTENTS

A. Overview of HIPAA Compliance Program

B. General Policies
1. Glossary of Defined Terms Used in HIPAA Policies and Procedures
2. Privacy Officer and Contact Person
3. Privacy Policies and Procedures
4. Training of Workforce Members on Privacy Policies and Procedures
5. Review and Resolution of Complaints
6. Refraining from Intimidating or Retaliatory Acts
7. Safeguarding Patient Information
8. Uses and Disclosures for Company's Compliance with Law or Proper Administration
9. Contracting with Covered Entities
10. Contracting with Subcontractors
11. Patient Authorization for Use and Disclosure of Protected Health Information
12. Uses and Disclosures for Public Policy Purposes of Covered Entities
13. Interaction with Personal Representatives and Persons Involved in the Patient's Care
14. Incidental Uses and Disclosures of Protected Health Information
15. Uses and Disclosures of Protected Health Information for Marketing
16. Uses and Disclosures of Psychotherapy Notes
17. Uses and Disclosures of De-Identified Health Information and Limited Data Sets Information
18. Verification of Identity and Authority
19. Minimum Necessary Requirements
20. Mitigation of Unauthorized Uses and Disclosures
21. Government Investigations
22. Audits

C. Patient Rights
23. Special Communication Requirements
24. Access to and Amendment of Protected Health Information
25. Accounting of Non-Routine Disclosures of Protected Health Information
26. Patient's Right to Request Restrictions on Certain Uses and Disclosures
27. Covered Entities Notices of Privacy Practices

D. Responding to Security Breaches and Unauthorized Uses and Disclosures

E. Forms
28. Responding to Security Breaches
29. Reporting Unauthorized Uses or Disclosures
30. Certification of Training and Agreement of Compliance
31. Business Associate Contract
32. Downstream Subcontractor Agreement

If you are interested in licensing HIPAA compliance materials, please contact Daniel Gottlieb at +1 312 984 6471 / dgottlieb@mwe.com, or Stephen Bernstein at +1 617 535 4062 / sbernstein@mwe.com.

SECURITY POLICIES AND FORMS FOR BUSINESS ASSOCIATES

TABLE OF CONTENTS

1. Glossary
2. Security Management Process Risk Analysis And Management
3. Security Management Process Sanction Policy
4. Security Management Process Information System Activity
5. Assigned Security Responsibility
6. Workforce Security Authorization and/or Supervision; Workforce Clearance
7. Workforce Security Termination Procedures
8. Information Access Management Isolating Health Care Clearinghouse Functions
9. Information Access Management Access Authorization
10. Information Access Management Access Establishment And Modification
11. Security Awareness And Training
12. Security Awareness And Training Protection From Malicious Software
13. Security Awareness And Training Log-In Monitoring
14. Security Awareness And Training Password Management
15. Security Incident Procedures Response And Reporting
16. Contingency Plan Data Backup Plan
17. Contingency Plan Disaster Recovery Plan
18. Contingency Plan Emergency Mode Operation Plan
19. Contingency Plan Testing And Revision Procedures
20. Contingency Plan Applications And Data Criticality Analysis
21. Administrative Safeguards - Evaluation
22. Subcontractor Contracts and Other Arrangements
23. Facility Access Controls Contingency Operations
24. Facility Access Controls Facility Security Plan
25. Facility Access Controls Access Control and Validation Procedures
26. Facility Access Controls Maintenance Records
27. Workstation Use
28. Physical Safeguards Workstation Security
29. Device And Media Controls Disposal
30. Device And Media Controls Media Re-use
31. Device And Media Controls Accountability
32. Device And Media Controls Data Backup And Storage
33. Access Control Unique User Identification
34. Access Control Emergency Access Procedure
35. Access Control Automatic Log-off
36. Access Control Encryption and Decryption
37. Technical Safeguards Audit Controls
38. Integrity Mechanism to Authenticate EPHI
39. Person or Entity Authentication
40. Transmission Security Integrity Controls
41. Transmission Security Encryption
42. Policies and Procedures and Documentation Requirements
43. Appendix A Security Policies Acknowledgement Form
44. Appendix B Termination Checklist
45. Appendix C Request to Delete Network Account
46. Appendix D Network Account Registration Form
47. Appendix E Remote Vendor Access Sample Procedures
48. Appendix F General Security Incident Response Instructions
49. Appendix G Vendor Acknowledgement Form
50. Appendix H Acknowledgement of Responsibility For Building Access
51. Appendix I Security Addendum
52. Appendix J HIPAA Assessment Model Roadmap For Business Associate