HIPAA Security Policy Template Suite (updated for HITECH Act & Omnibus Rule)
The final HIPAA Security rule requires that healthcare organizations create policies and procedures to apply the security requirements of the law – and then train their employees on the use of these policies and procedures in their day-to-day jobs.
HIPAA rule has very specific requirements with regard to creating, implementing, or changing Policies and Procedures. “Standard: Policies and Procedures — A covered entity must implement policies and procedures with respect to protected health information that are designed to comply with the standards, implementation specifications, or other requirements of this subpart. The policies and procedures must be reasonably designed, taking into account the size of and the type of activities that relate to protected health information undertaken by the covered entity, to ensure such compliance. This standard is not to be construed to permit or excuse an action that violates any other standard, implementation specification, or other requirement of this subpart.”
We have developed 71 HIPAA security policies which include 60 security policies & procedures required by HIPAA Security regulation and additional 11 policies, checklist and forms as supplemental documents to the required policies. These policies meet the challenges of creating enterprise-wide security policies. The suite addresses all major components of the HIPAA Security Rule and each policy can be adopted or customized based on your organization’s needs. These policies have been updated for HITECH act changes due to ARRA regulation and Omnibus Rule of 2013.
- Policies on the Standards for Administrative Safeguards
· Access Establishment and Modification
· Application and Data Criticality Analysis
· Assigned Security Responsibility
· Authorization and or Supervision
· Breach Notification
· Business Associate Agreement
· Business Associate Contracts and Other Arrangements
· Contingency Plan
· Data Backup Plan
· Disaster Recovery Plan
· Emergency Mode Operation Plan
· Evaluation
· Execution of Business Associate Agreements with Contracts
· HIPAA Access Authorization
· Information Access Management
· Information System Activity Review
· Log-in Monitoring
· Password Management
· Protection from Malicious Software
· Response and Reporting
· Risk Analysis
· Risk Management
· Sanction Policy
· Security Awareness and Training
· Security Incident Procedures
· Security Management Process
· Security Reminders
· Termination Procedures
· Testing and Revision Procedure
· Workforce Clearance Procedure
· Workforce Security - II. Policies on the Standards for Physical Safeguards
· Access Control and Validation Procedures
· Accountability
· Contingency Operation
· Data backup and Storage
· Device and Media Controls
· Disposal
· Facility Access Controls
· Facility Security Plan
· Maintenance Records
· Media Re-use
· Mobile Device Policy
· Workstation Security
· Workstation UseIII. Policies on the Standards for Technical Safeguards
· Access Controls
· Audit Controls
· Automatic Logoff
· Emergency Access Procedure
· Encryption
· Encryption and Decryption
· Integrity
· Integrity Controls
· Mechanism to Authenticate ePHI
· Person or Entity Authentication
· Transmission Security
· Unique User IdentificationIV. Organizational Requirements
· Documentation
· Isolating Healthcare Clearinghouse Function
· Policies and Procedures
· Requirements for Group Health PlansV. Supplemental Policies for Required HIPAA Policies
· Analog ISDN Line Security Policy
· Automatically Forwarded Email Policy
· Dial in Access Policy
· Email Use Policy
· Ethics Policy
· Extranet Policy
· Internet DMZ Equipment Policy
· Network Security Policy
· Remote Access Policy
· Virtual Private Network (VPN) Security Policy
· Wireless Security Policy
For a multi-entity licenses or templates, contact Bob Mehta at (515) 865-4591 for discounted pricing.
To view the license for the template, please visit https://www.training-hipaa.net/license-agreement-for-hipaa-security-policy-templates-suite/
All orders placed after 11 a.m. CST Monday through Friday will process by next business day, except for New Year’s Day, Memorial Day, Independence Day, Labor Day, Thanksgiving Day, and Christmas Day. International shipping may take additional days.
If you have placed order and you need urgent delivery of the product, please call us at (515) 865-4591 and we will try to ship the order on the same day. We can e-mail this product to you if you need. Please notify in comments section or send e-mail to Bob@training-HIPAA.Net
By buying these templates, you agree to our templates license. Do not buy templates if you do not agree to our templates terms of use license.
Reviews
There are no reviews yet.