HIPAA - Policies and Procedures

As per 45 CFR 164.316, A covered entity or business associate must Implement reasonable and appropriate policies and procedures to comply with the standards and must be documented in written or electronic format. The organization must review and update (if needed) these documents periodically and make available to the persons responsible for implementation.

Examples of HIPAA procedures to be documented.

HIPAA - Administrative safeguards

  • Risk analysis
  • Risk management
  • Sanction policy
  • Information system activity review
  • Identify responsible security official
  • Workforce security
  • Termination procedures
  • Information access management
  • Security awareness and training
  • Contingency plan
  • Business associate contracts and other arrangements

Physical safeguards

  • Facility access controls
  • Workstation use
  • Workstation security
  • Device and media controls

Technical safeguards

  • Access control
  • Audit controls
  • Integrity
  • Transmission security

Organizational requirements

  • Business associate contracts or other arrangements
  • Requirements for group health plans
hipaa policy manual

LMG offers HIPAA compliance assistance to Chicago and suburbs from Aurora, Illinois and New York & surrounding states from Manhasset, New York.

Our Consulting Services includes

For more information, Please contact us with detailed information.