Hipaa Security Software - Get Hip Software
HIPAA SECURITY - SAMPLE DOCUMENTS included with
GetHIP Software
provides a comprehensive set of documents including:
HIPAA POLICIES & PROCEDURES
ITEM: DESCRIPTION:
HIPAA Access Authorization Policy and Procedure HIPAA policy and procedure affirming staff only have access to ePHI needed to perform their jobs.
HIPAA Audit Control Policy and Procedure HIPAA policy and procedure addressing event logging and regularly scheduled audits.
HIPAA Business Associate Policy and Procedure HIPAA policy and procedure addressing business associate contract requirements.
HIPAA Data Backup Policy and Procedure HIPAA policy and procedure addressing routine data backup.
HIPAA Data Integrity Policy and Procedure HIPAA policy and procedure addressing technical data integrity controls.
HIPAA Device and Media Accountability Policy and Procedure HIPAA policy and procedure addressing equipment and media movement.
HIPAA Disposal and Media Re-use Policy and Procedure HIPAA policy and procedure describing standards for media re-use and disposal.
HIPAA Facility Access Control Policy and Procedure HIPAA policy and procedure describing facilitiy access controls and emergency access procedures
HIPAA Password Management Policy and Procedure HIPAA policy and procedure explaining password management practices.
HIPAA Remote Workstation Use and Security Policy and Procedure HIPAA policy and procedure addressing workstation security in outside environments.
HIPAA Risk Analysis Policy and Procedure HIPAA policy and procedure describing the risk analysis process.
HIPAA Risk Management Policy and Procedure HIPAA policy and procedure describing risk management processes.
HIPAA Sanctions Policy and Procedure HIPAA policy and procedure addressing sanctions for security violations.
HIPAA Security Awareness and Training Policy and Procedure HIPAA policy and procedure addressing workforce training requirements.
HIPAA Security Evaluation Policy and Procedure HIPAA policy and procedure describing the security evaluation process.
HIPAA Security Incident Policy and Procedure HIPAA policy and procedure describing the process for reporting and tracking security incidents.
HIPAA Session Termination Policy and Procedure HIPAA policy and procedure addressing automatic session termination controls.
HIPAA System Activity Review Policy and Procedure HIPAA policy and procedure identifying frequency and types of data included in system activity reviews.
HIPAA Technical Access Control Policy and Procedure HIPAA policy and procedure addressing management of user IDs and access privileges.
HIPAA User Authentication Policy and Procedure HIPAA policy and procedure describing user authentication technical controls.
HIPAA Workforce Security Policy and Procedure HIPAA policy and procedure addressing workforce access to ePHI.
HIPAA Workstation Use and Security Policy and Procedure HIPAA policy and procedure addressing workstation security in office environments.
HIPAA Policies and Procedures Planning Worksheet Worksheet used to identify appropriate HIPAA security policies and procedures.
CHECKLISTS
ITEM: DESCRIPTION:
Access Termination Checklist Checklist of HIPAA security-related activities to be considered when an employee is terminated.
Common Security Incidents Checklist List of common security incidents organizations may want to report on and track.
Compliance Documentation Checklist Checklist used to verify that all required security documentation has been prepared.
Disaster Recovery Resource Checklist Checklist used to evaluate resource requirements in an emergency.
Remote Workstation Security Checklist Checklist used to evaluate workstation use in remote locations.
Workstation Security Checklist Checklist used to evaluate the adequacy of workstation security measures.
LEGAL DOCUMENTS
ITEM: DESCRIPTION:
Affiliated Covered Entity Memorandum Memo documenting the organization's designation as an affiliated entity.
Business Associate Contract Addendum Contract addendum template addressing security requirements.
Business Associate Contract Log Log tracking efforts to obtain security addenda from business associates
Business Associate Contract (Security) Business Associate Agreeement with security provisions inlcuded.
Clearinghouse Determination Memo Memo documenting review of clearinghouse requirements.
Contract Addendum Cover Letter Cover letter requesting that a business associate sign the security addendum.
Minimum Necessary Uses Grid Worksheet used to evaluate the need for access to ePHI by staff position and information source.
TRAINING MATERIALS
ITEM: DESCRIPTION:
Password Guidelines Guidelines instructing staff on password management practices.
Password Management Presentation Training presentation reviewing common password management practices.
Point-of-Care HIPAA Security Guidelines Checklist used as a security training tool for clinicians utilizing point-of-care computers.
Safe E-Mail Presentation Training presentation reviewing common e-mail screening practices.
HIPAA Security Course Attendance Sheet Attendance sheet identifying all workforce members participating in a security training session.
HIPAA Security Course Log Record of all security training sessions conducted by the organization.
HIPAA Security Fundamentals Presentation Training presentation covering key aspects of the Security Rule and essential security concepts.
HIPAA Security Training Attendance Record Record of security training sessions attended for each workforce member.
Virus Protection Presentation Training presentation on the importance of practicing safe computing in the office and home.
Workstation Environmental Guidelines Guidelines regarding workstation physical surroundings.
ASSESSMENT TOOLS
ITEM: DESCRIPTION:
Administrative Environmental Assessment Tool Workbook used to gather information for the administrative (operations) risk analysis.
Physical Environmental Assessment Tool Workbook used to gather information for the physical (buildings and equipment) risk analysis.
Technical Environmental Assessment Tool Workbook used to gather information for the technical (systems, network) risk analysis.
FORMS & OTHER DOCUMENTS
ITEM: DESCRIPTION:
Critical Applications Worksheet Worksheet to help identify critical software applications to be protected in an emergency.
Critical Data Worksheet Worksheet to help identify critical data to be protected in an emergency.
Equipment and Media Log Log tracking the location and movement of equipment and media
Facility Security Maintenance Log Log recording information on security-related changes and repairs at facilities
Security Incident Log Form used by staff to compile summary data on security incidents
Security Incident Reporting and Tracking Form Log used to track the status of security incidents, from reporting through resolution.
Security Official Job Description Job description identifying essential security official duties and responsibilities.
System Activity Review Worksheet Worksheet used to identify data types and sources for system activity reviews.
Briggs Corporation - StonyHill Management


HOME  |  HIPAA SOFTWARE  |  HIPAA NEWS  |  TESTIMONIALS  |  HIPAA VIDEOS  | CONTACT
PURCHASE GetHIP   |  HIPAA TIMELINE


Copyright© 2004 Stony Hill Management   |   All Rights Reserved.