It is recommended to download your package and extract all files. Below are some of the policies and forms that you may want to have readily available:
Step 2: Security Incident Procedures and Breach Notification Plan
Security Incident Policy
Security Incident Report – Breach Notification Report
Step 3: HIPAA Policies and Procedures
Device, Media Controls, Verbal, and Written Controls Policy
Information Blocking Policy (or See Step 7 for additional information)
Password Management Policy
Patient Access to Medical Records Policy (Designated Record Set)
Patient Accounting of Disclosures Policy
Patient Amendment to Medical Records Policy (Designated Record Set)
Patient Authorizations for the Release of their PHI Policy
Patient Court Order & Subpoenas Policy
Patient Medical Records – Uses for Treatment & Payment Policy
Patient Notice of Privacy Practice – Complaint Policy
Patient Personal Representative Policy
Patient Research - De-identified PHI – Limited Data Set Policy
Patient Restrictions – Do not File Insurance – Confidential Communications
Protection from Malicious Code – Log-in Monitoring Policy
Sanction Policy
Workstation Use Policy
Step 4: HIPAA Forms and Documentation
HIPAA at a Glance handout
Password Management Log
Patient Access to Medical Records Request
Patient Accounting of Disclosures Requests & Forms
Patient Amendment to Medical Records Forms
Patient Authorizations for the Release of their PHI Forms
Patient Court Order & Subpoenas Policy
Patient Complaint for Privacy Violation Form
Patient Confidentiality Communication Request Form
Patient Notice of Privacy Practices
Patient Personal Representative Designation Form
Patient Request for Restrictions – Do not File Insurance Form
