 |
Our HITECH Act Compliance Package is the most comprehensive and easy to use package available. It includes all of the documents listed below. Simply customize each document with the name of your organization, print it, and place it into your HIPAA Policies and Procedures binder.  |
|
Administrative Safeguards
1. Security Management Process (Standard) a. Risk Analysis (Required) b. Risk Management (Required) c. Sanction Policy (Required) d. Information System Activity Review (Required) 2. Assigned Security Responsibility (Standard) 3. Workforce Security (Standard) 4. Information Access Management (Standard) 5. Security Awareness Training (Standard) 6. Security Incident Procedures (Standard) a. Response and Reporting (Required) 7. Contingency Plan (Standard) a. Data Backup Plan (Required) b. Disaster Recovery Plan (Required) c. Emergency Mode Operation Plan (Required) 8. Evaluation (Standard) 9. Business Associate Contracts and Other Arrangements (Standard) a. Written Contract or Other Arrangement (Required)
Physical Safeguards
1. Facility Access Controls (Standard) 2. Workstation Use (Standard) 3. Workstation Security (Standard) 4. Devices and Media Controls (Standard) a. Disposal (Required) b. Media Re-use (Required)
Technical Safeguards
1. Access Control (Standard) a. Unique User Identification (Required) b. Emergency Access Procedure (Required) 2. Audit Controls (Standard) 3. Integrity (Standard) 4. Person or Entity Authentication (Standard) 5. Transmission Security (Standard)
Appendix
1. Glossary 2. Privacy Officer Job Description 3. Security Officer Job Description 4. Security Standards Matrix 5. Risk Assessment Template 6. System Audit Control And Review |
Privacy Safeguards
1. Authorization for Use and Disclosure of Health Information 2. Breach Notification 3. Data Classification Policy 4. Destruction and Disposal of Protect Health Information Media 5. Disclosure of Protected Health Information for Workers' Compensation Purposes 6. Minimum Necessary Uses and Disclosures 7. Patient Complaints Concerning Privacy 8. Patient Privacy Rights 9. Patient Right To Request Amendment Of Protected Health Information 10. Patient Right To Request Confidential Communications 11. Prohibition of Retaliation Against Employees (Whistle Blowers) 12. Use and Disclosure of Protect Health Information for Marketing Purposes 13. Use and Disclosure of Protected Health Information for Judicial and Administrative Proceedings 14. Disclosure Restrictions on Out of Pocket Payments
Required Forms
1. Acceptance Of Request For Amendment To Protected Health Information Letter 2. Acknowledgement of Receipt of HITECH Compliance Manual 3. Acknowledgement of Receipt of Privacy Notice Form 4. Authorization for Disclosure of Health Information Form 5. Authorization for Use and Disclosure of Information for Research Purposes Form 6. Breach Notification Notice 7. Business Associates Agreement Form 8. Certificate Of Destruction Form 9. Denial Of Request For Amendment To Protected Health Information Letter 10. Disclosure of Protected Health Information Log 11. Patient Complaints Concerning Privacy Form 12. Patient Right To Receive Confidential Communications Form 13. Patient Right To Request Amendment To Protected Health Information Form 14. Release of Records Letter 15. Request for Accounting of Disclosure of Protected Health Information Form 16. Revocation of Authorization to Release Protected Health Information Form 17. Notice of Provider Practices |