Deprecated: Creation of dynamic property Cookie_Law_Info_Cli_Policy_Generator::$plugin_name is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/cookie-law-info/legacy/admin/modules/cli-policy-generator/cli-policy-generator.php on line 176

Deprecated: Use of "self" in callables is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/cookie-law-info/legacy/includes/class-cookie-law-info.php on line 604

Deprecated: Creation of dynamic property WPCF7R_Base::$plugin_path is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-base.php on line 28

Deprecated: Creation of dynamic property WPCF7R_Base::$version is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-base.php on line 30

Deprecated: Creation of dynamic property WPCF7r_Settings::$page_slug is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-settings.php on line 18

Deprecated: Creation of dynamic property Qs_Api::$activation_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 15

Deprecated: Creation of dynamic property Qs_Api::$changelog_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 16

Deprecated: Creation of dynamic property Qs_Api::$api_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 17

Deprecated: Creation of dynamic property Qs_Api::$store_id is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 18

Deprecated: Creation of dynamic property Qs_Api::$sku is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 19

Deprecated: Creation of dynamic property Qs_Api::$extensions_list_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 20

Deprecated: Creation of dynamic property Qs_Api::$promotions_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 21

Deprecated: Creation of dynamic property WPCF7r_Settings::$api is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-settings.php on line 19

Deprecated: Creation of dynamic property WPCF7R_Base::$wpcf_settings is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-base.php on line 43

Deprecated: Creation of dynamic property Qs_Api::$activation_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 15

Deprecated: Creation of dynamic property Qs_Api::$changelog_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 16

Deprecated: Creation of dynamic property Qs_Api::$api_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 17

Deprecated: Creation of dynamic property Qs_Api::$store_id is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 18

Deprecated: Creation of dynamic property Qs_Api::$sku is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 19

Deprecated: Creation of dynamic property Qs_Api::$extensions_list_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 20

Deprecated: Creation of dynamic property Qs_Api::$promotions_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 21

Deprecated: Creation of dynamic property WPCF7R_Base::$wpcf7_redirect is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-base.php on line 45

Deprecated: Creation of dynamic property Qs_Api::$activation_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 15

Deprecated: Creation of dynamic property Qs_Api::$changelog_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 16

Deprecated: Creation of dynamic property Qs_Api::$api_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 17

Deprecated: Creation of dynamic property Qs_Api::$store_id is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 18

Deprecated: Creation of dynamic property Qs_Api::$sku is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 19

Deprecated: Creation of dynamic property Qs_Api::$extensions_list_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 20

Deprecated: Creation of dynamic property Qs_Api::$promotions_url is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-qs-api.php on line 21

Deprecated: Creation of dynamic property WPCF7r_Utils::$api is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-utils.php on line 23

Deprecated: Creation of dynamic property WPCF7R_Base::$wpcf7_utils is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-base.php on line 47

Deprecated: Creation of dynamic property WPCF7R_Base::$wpcf7_submission is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-base.php on line 49

Deprecated: Creation of dynamic property WPCF7R_Base::$wpcf7_user_panel is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/wpcf7-redirect/classes/class-wpcf7r-base.php on line 51

Deprecated: version_compare(): Passing null to parameter #2 ($version2) of type string is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/Ultimate_VC_Addons/Ultimate_VC_Addons.php on line 1272

Deprecated: ctype_digit(): Argument of type null will be interpreted as string in the future in /nas/content/live/ahsrcmprod/wp-content/mu-plugins/wpe-cache-plugin/cache-control.php on line 174

Deprecated: Use of "self" in callables is deprecated in /nas/content/live/ahsrcmprod/wp-content/plugins/cookie-law-info/legacy/includes/class-cookie-law-info.php on line 604
HIPAA Checklist

HIPAA Checklist

HIPAA and HITECH require physician practices and hospitals to have procedures in place to deal with specific aspects of PHI (Protected Health Information) including disclosures, access and security. Major components are the Privacy Rule[1], the Security Rule[2] and the Breach Notification Rule[3]. This checklist provides an overview of the requirements. A companion worksheet is available on the AdvantEdge website and upon request.

More detail is available in the official HHS documents and the AdvantEdge Compliance Office is available to assist clients in any of these areas.

Privacy Rule

The Privacy Rule applies to all media types including paper, oral, and electronic. It requires organizations to consider the confidentiality, integrity, and availability of PHI and to have procedures in place to address the use and disclosure of PHI, notice of privacy practices, and minimum necessary approach to using PHI.

001

Security Rule

The HIPAA Security Rule requires appropriate Administrative, Physical, and Technical Safeguards to ensure the confidentiality, integrity, and security of electronic PHI.

002

For more details, the Indian Health Service has prepared a detailed HIPAA Security Checklist[4].

Breach Notification Rule

Healthcare providers and their business associates are required to provide full disclosure about a breach. Any instance where PHI has been compromised and is in the position to be used in a harmful manner is considered a breach.

003

Background

The use of health information technology continues to expand in health care. Although these new technologies provide many opportunities and benefits for consumers, they also pose new risks to consumer privacy. Because of these increased risks, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) include national standards for the privacy of protected health information, the security of electronic protected health information, and breach notification to consumers. HITECH also requires HHS to perform periodic audits of covered entity and business associate compliance with the HIPAA Privacy, Security, and Breach Notification Rules.[5]

  • The audit protocol covers Privacy Rule requirements for (1) notice of privacy practices for PHI, (2) rights to request privacy protection for PHI, (3) access of individuals to PHI, (4) administrative requirements, (5) uses and disclosures of PHI, (6) amendment of PHI, and (7) accounting of disclosures.
  • The protocol covers Security Rule requirements for administrative, physical, and technical safeguards
  • The protocol covers requirements for the Breach Notification Rule.

– – – – –

[1] http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/

[2] http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/

[3] http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/

[4] http://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/

 

AdvantEdge
AdvantEdge