HIPAA Security Rule

Use this checklist to verify compliance with the HIPAA Security Rule, which requires the protection of patients' electronically stored protected health information (ePHI).

Training

1. Complete employee HIPAA training, including employee responsibilities and the HIPAA fines that can result from violations.

2. Set up mechanisms to monitor changes to HHS guidelines, and retrain staff as needed.

HIPAA Projects

1. Assign a project manager or team.

2. Develop a project plan.

Virtual Billing

1. Inventory data environments and operational steps for digital transactions.

2. Build a list of outside partners for online transactions.

3. Collect and analyse bills and operations for HIPAA Electronic Claims transaction and code set compliance.

The Privacy Rule

1. Assign an internal HIPAA privacy and security compliance officer to create a compliance plan. This employee should focus on fraud and abuse, codes of conduct, whistle-blower suits, auditing and monitoring, disciplinary standards and personnel issues; responding to problems, investigations and corrective actions.

2. Post a notice on data best practices and hand it out to every patient.

3. Collect and analyse forms and operations for HIPAA Privacy Rule compliance.

4. Ensure human resources safeguards the privacy of your staff's personal health data.

5. Develop specific written procedures to collect, store, transfer and dispose of PHI.

6. Create a documented process to handle complaints.

7. Create patient authorization forms and other information in all main languages spoken by your clients.

The Security Rule

1. Perform a complete risk assessment on existing infrastructure.

2. Safeguard machines with anti-virus protections, firewalls, VPNs, SSL certificates and related technologies.

3. Establish a daily backup system.

4. Develop disaster recovery and business continuity plans.

5. Adopt security policies and procedures for all your operations, including confidentiality statements, individual identification of system users, passwords, automatic logoff, acceptable use, email and internet usage, workstation authentication, monitoring and documenting unauthorised access, user audit trails, sanctions for misuse or disclosure, and termination checklists.

6. Review physical security and harden as needed.

7. Write and provide job descriptions for roles required by the healthcare law.


Checklist by GoAudits.com – Please note that this checklist is intended as an example. We do not guarantee compliance with the laws applicable to your territory or industry. You should seek professional advice to determine how this checklist should be adapted to your workplace or jurisdiction.