The Health Insurance Portability and Accountability Act (HIPAA)—and mirror-HIPAA, state law rules—require physicians, chiropractors, acupuncturists, and other healthcare providers, as well as the “business associates” who serve them—to comply with extensive legal rules designed to protect the privacy and security of protected healthcare information (“PHI”).

We know that HIPAA compliance can be both complex and time consuming. The rules are dense and arcane, elaborate and demanding.

These are why we have created an in-depth HIPAA Manual. Our HIPAA Manual contains essential Privacy and Security policies, procedures and forms, including:

  • 11 Privacy Rule Policies
  • 17 Privacy Rule Forms
  • 21 Security Rule Policies
  • 6 Security Rule Forms

Or 55 documents in all.

A total of over 120 pages of manual!

HIPAA Manual Disclaimer

And these draw on the HIPAA Privacy Rule and HIPAA Security Rule.

A strong HIPAA Manual containing policies, procedures, and forms, is critical for HIPAA compliance. So are the HIPAA forms.   Having these in place, together with other measures (such as HIPAA training) can potentially help document good faith efforts to comply with the onerous requirements of HIPAA.

HIPAA compliance is not guaranteed merely because the healthcare venture uses an EMR (electronic medical record) where the vendor claims to be “HIPAA compliant.” HIPAA compliance requires a number of steps—which include having a secure EMR—but the requirements are extensive, and much is required by way of implementation. Among other things, all members of the workforce require HIPAA training.

A Privacy and Security Manual is recommended, even if HIPAA does not technically apply because the medical practice or platform does not bill insurance electronically. The reason is that state law often has the same requirement as HIPAA that healthcare providers and entities maintain the privacy of medical records and implement reasonable (or adequate) security measures with respect to PHI (protected health information).

What if your employee had no knowledge of the rules for accessing and storing sensitive healthcare data? How do you properly destroy PHI data? What if there is a breach?

Our HIPAA Manual will help you address these critical infrastructure issues, among many others.

So why wait? Get your HIPAA Manual now!

Buy Now

Table of Contents

Disclaimer      
Introduction      
Security Manual Policies & Procedures
  SPP1 Security Management Process
SPP2 Security Official
SPP3 Workforce Security
SPP4 Information Access Management
SPP5 Security Awareness & Training
SPP5A Faxing & Emailing PHI
SPP6 Security Incident PROCEDURES
SPP7 Contingency Plan
SPP8 Evaluation
SPP9 Business Associate
SPP10 Facility Access Controls
SPP11 Workstation Use
SPP12 Workstation Security
SPP13 Device & Media Controls
SPP14 Access Controls
SPP15 Audit Controls
SPP16 Integrity
SPP17 Person or Entity Authentication
SPP18 Transmission Security
SPP19 Overview of Policies & PROCEDURES
SPP20 Documentation
Forms
SF1 Employee Breach & Reprimand Notice
SF2 Breach Determination
SF3 Master Access Record
SF4 Security & Confidentiality Agreement
SF5 Acknowledgment of HIPAA Training
SF6 Security Incident Reporting
Privacy Manual Policies & Procedures
PPP1 Privacy of PHI
  PPP1A Privacy Official
  PPP2 Access to PHI
  PPP3 Minimum Necessary
  PPP4 Notice of Privacy Practices
  PPP5 Use of PHI for Treatment, Payment & Operations
  PPP6 Authorization for Release of PHI
  PPP7 Restrictions to Disclosures and Uses of PHI
  PPP8 Method of Communication
  PPP9 Amendment of PHI
  PPP10 Accounting of Disclosures of PHI
Forms
  PF1A Cover Letter to Patient
PF1B Privacy Complaint Form
PF2A Patient Request for Access to PHI
PF2B Response to Patient Request for Access to PHI
PF4A Notice of Privacy Practices & Acknowledgment of Receipt
PF4B Employee Confidentiality Acknowledgment
PF6 Authorization for Use or Exchange of PHI
PF7A Request to Restrict Use & Disclosure of PHI
PF7B Response to Request to Restrict Use & Disclosure of PHI
PF8 Request re Method of Communication
PF9A Amendment of PHI
PF9B Amendment Acceptance Letter
PF9C Notification of Amendment Letter
PF9D Amendment Denial Letter
PF10A Request for Accounting of Disclosures of PHI
PF10B Response to Request for Accounting
PF10C Log of Accounting of Disclosures

Here are some additional resources on HIPAA that you can read:

COMMON HIPAA PRIVACY AND SECURITY VIOLATIONS FLAGGED

Common HIPAA violations are flagged by HIPAA Helper, a publication of ProPublica,an “independent, non-profit newsroom that produces investigative journalism in the public interest.”

DOES HIPAA SCALE FOR A PHYSICIAN PRACTICE? IS HIPAA COMPLIANCE MANDATORY?

HIPAA sounds like “hippo” for a reason: it’s big, clunky, noisy, and unwieldy. Can, and should, a small physician practice implement HIPAA practices?

CAN YOU MAKE HIPAA PRIVACY & SECURITY EASY FOR A SMALL DOCTOR’S OFFICE OR OTHER PRACTICE?

Making HIPAA compliance easy is like trying to catch a firefly in your hand.

HIPAA OMIBUS RULE: PART 1 (OVERVIEW)

The Department of Health and Human Services Office for Civil Rights (OCR) released its final rule, Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under […]

Course Information

HIPAA Policy & Procedures

$499.00