You may download individual policies, or you may download your package and extract all files. Below are some of the policies and forms that you may want to have readily available on a shared drive:
Step 2: Security Incident Procedures and Breach Notification Plan
Security Incident Policy
Security Incident Report – Breach Notification Report
Step 3: HIPAA Policies and Procedures
Device, Media Controls, Verbal, and Written Controls Policy
Information Blocking Policy (or See Step 7 for additional information)
Password Management Policy
Patient Access to Medical Records Policy (Designated Record Set)
Patient Accounting of Disclosures Policy
Patient Amendment to Medical Records Policy (Designated Record Set)
Patient Authorizations for the Release of their PHI Policy
Patient Court Order & Subpoenas Policy
Patient Information Blocking Policy
Patient Medical Records – Uses for Treatment & Payment Policy
Patient Nondiscrimination – Conscience Rights Policy
Patient Notice of Privacy Practice – Complaint Policy
Patient Personal Representative Policy
Patient Research - De-identified PHI – Limited Data Set Policy
Patient Restrictions – Do not File Insurance – Confidential Communications
Protection from Malicious Code – Log-in Monitoring Policy
Sanction Policy
Workstation Use Policy
Step 4: HIPAA Forms and Documentation
HIPAA at a Glance handout
Information Blocking Exceptions Form
Password Management Log
Patient Access to Medical Records Request
Patient Accounting of Disclosures Requests & Forms
Patient Amendment to Medical Records Forms
Patient Authorizations for the Release of their PHI Forms
Patient Complaint for Privacy Violation Form
Patient Confidentiality Communication Request Form
Patient Good Faith Estimate - Worksheet
Patient Notice of Privacy Practices
Patient Personal Representative Designation Form
Patient Request for Restrictions – Do not File Insurance Form
