2010 HIPAA Checklist for Covered Entities 
 
STEP / DESCRIPTION / COMPLETED

1. Business Associate Review
   - Contact existing BAs and verify readiness to comply with new and heightened HIPAA guidelines
   - Contact partners expected to obtain BA status as a result of the HITECH Act expanded definition for BAs (vendors and service providers)
   - Update BA agreement to include new privacy and security expectations for BAs
   - Execute updated BA agreements with all relevant parties

2. Breach Notification or Safe Harbor
   - Assemble organizational plan to address breach notification guidelines or prepare to meet safe harbor standards for PHI
   - Update HIPAA policies and procedures to manage breach events for your organization and BA partners
   - Create breach notification template letter
   - Train staff on new procedures and new “notice” materials

3. PHI Restrictions
   - Revise policies and procedures to support PHI disclosure restriction requests
   - Ensure systems can flag data affected by these requests
   - Train staff

4. EHR Records Request
   - Revise policies and procedures to support requests to obtain a copy of information contained in an individual’s EHR
   - Train staff

5. Marketing Activities and “Minimum Necessary” Standards
   - Amend policies and procedures to address updated HIPAA marketing guidelines
   - Train staff on new expectations
   - Revise and execute new “minimum necessary” policies
   - Train staff

6. Accounting of Disclosures
   - Revise policies and procedures to address individual requests for an accounting of PHI disclosures
   - Ensure systems can track disclosures, including remote access

7. Privacy Notice
   - Revise privacy notice to address:
     • Breach notification
     • PHI restrictions
     • EHR record requests
     • Marketing changes
     • “Minimum necessary” guidelines
     • Sale of PHI
   - Distribute and post updated policy as required and share with all BAs
 
