Access Control Automatic Log Off
Description: Procedures to ensure automatic logoff is enable in the proper systems
Last Updated: October 24, 2024
Access Control Emergency Access
Description: Procedures for accessing ePHI during an emergency
Last Updated: October 25, 2024
Access Control Encryption
Description: Procedures to ensure automatic logoff is enable in the proper systems.
Last Updated: October 26, 2024
Access Control Unique User ID
Description: Assigns Unique ID to Users and establish basic responsibilities in such User.
Last Updated: October 25, 2024
Administrative Safeguards Policy
Description: General introduction and summary of Security Administrative Standards.
Last Updated: October 25, 2024
Assigned Security Responsibility (2016) Policy
Description: Identify the team member responsible for the development/implementation of the policies and procedures required by the security rule.
Last Updated: October 24, 2024
Assigned Security Responsibility Job Description Policy
Description: Defines the requirements for the Security Officer Job Description.
Last Updated: October 24, 2024
Business Associate Contract Policy
Description: Overall Policy regarding BA Contracts.
Last Updated: October 24, 2024
Business Associate Contract: Written Contract or Other Arrangement (Required)
Description: Policy regarding Business Associate Agreements.
Last Updated: October 24, 2024
Contingency Plan – Application & Data Criticality Analysis Policy (Addressable)
Description: Data criticality log and ranking of systems.
Last Updated: October 25, 2024
Contingency Plan – Data Backup Plan
Description: Delineates organizational procedures used to backup and store PHI.
Last Updated: October 24, 2024
Contingency Plan – Disaster Recovery Plan Policy
Description: Procedures to effectuate the restoration of systems and ePHI.
Last Updated: October 26, 2024
Contingency Plan Emergency Mode Operation Plan Policy
Description: Emergency mode operations basics.
Last Updated: October 25, 2024
Contingency Plan Policy
Description: Basic policy describing actions to mitigate damages in an emergency.
Last Updated: October 25, 2024
Contingency Plan Testing & Revision Procedure Policy (Addressable)
Description: Activities needed to conduct regular testing of disaster recovery plan.
Last Updated: October 25, 2024
Device & Media Controls Disposal Policy
Description: Guidelines for electronic equipment and storage media used in association of protected health information.
Last Updated: October 24, 2024
Device & Media Controls Media Re-use Policy
Description: Guidelines for the removal of ePHI from electronic media before the media is made available for re-use.
Last Updated: October 26, 2024
Device and Media Control Accountability Policy
Description: Track and logging guidelines for all hardware and devices with storage capabilities containing EPHI that is received by or removed from a sensitive area.
Last Updated: October 26, 2024
Device and Media Control Data Backup and Storage Policy
Description: Guidelines for electronic equipment and storage media used in association of protected health information.
Last Updated: October 24, 2024
Evaluation Policy
Description: Policy covering the organization's goal of obtaining satisfactory assurances from team members that he/she will safeguard ePHI.
Last Updated: October 26, 2024
Facility Access Control: Security Plan Policy Overview
Description: Established the overall physical security needs of the office.
Last Updated: October 25, 2024
Facility Access Controls – Faxes Policy
Description: Procedure for transmissions of PHI via facsimile.
Last Updated: October 25, 2024
Facility Access Controls – Maintenance Records Policy Addressable
Description: Explains the basic procedures as they relate to physical repairs and or modification of the facility where operations and support activities take place.
Last Updated: October 25, 2024
Facility Access Controls Access Control & Validation Procedures Policy
Description: Rules Necessary to grant access to information systems.
Last Updated: October 26, 2024
Facility Access Controls Contingency Operations Policy Addressable
Description: Describe controls to access facility, especially during emergencies.
Last Updated: October 24, 2024
Healthcare Clearinghouse Isolation Policy – Info Access Management
Description: Ensures information forwarded to Clearinghouses is protected.
Last Updated: October 25, 2024
HIPAA Security Timely Actions Policy
Description: Actions and Forms - Basic Calendar
Last Updated: October 25, 2024
Info Access: Management Authorization Policy Guide
Description: Limits the risk of unauthorized disclosures.
Last Updated: October 24, 2024
Info Access: Management Policy for Access Modification
Description: Guidelines to establish and modify access.
Last Updated: October 25, 2024
Integrity Policy
Description: Procedures to verify that data within the system has not been altered or destroyed without authorization
Last Updated: October 25, 2024
Internet Access Disclaimer Policy
Description: Used to limit liability if providing Internet access to guest.
Last Updated: October 24, 2024
Login Monitoring Policy: Security Awareness Training
Description: Identify unauthorized attempts to penetrate systems.
Last Updated: October 25, 2024
Password Management: Essential Security Training Guide
Description: Effective process for appropriately creating, changing and safeguarding passwords.
Last Updated: October 25, 2024
Physical Safeguards Policy
Description: One of the key elements. Covers a series of security categories needed to comply with requirements.
Last Updated: October 25, 2024
Security Awareness & Training: Metrics
Description: Identifies topics, gaps in training and assess training program.
Last Updated: October 24, 2024
Security Awareness & Training: Protection from Malicious Software
Description: Prevent security violations created by malicious software.
Last Updated: October 25, 2024
Security Awareness & Training: Security Reminders
Description: Communicate to the workforce changes that may affect the privacy and security.
Last Updated: October 26, 2024
Security Awareness & Training: Training
Description: Basics of the Security Training Program and Policies.
Last Updated: October 24, 2024
Security Incident Procedures: Breach Notification (Required)
Description: Describes to team members potential indicators or reportable events and what actions to take.
Last Updated: October 24, 2024
Security Incident Procedures: Responses & Reporting (Required)
Description: Describes to team members potential indicators or reportable events and what actions to take.
Last Updated: October 25, 2024
Security Management Process: Catalog and Settings
Description: Identify all hardware and software that handles ePHI and ensure security settings are available and have been activated
Last Updated: October 25, 2024
Security Management Process: Current Safeguards
Description: Catalog safeguards in place and risks associated or mitigated by the same.
Last Updated: October 26, 2024
Security Management Process: Emergency Preparedness
Description: Defines components of the Risk Analysis as they cover preparation for emergencies.
Last Updated: October 24, 2024
Security Management Process: Information System Activity Review Policy
Description: Describes procedures used to review records of system activity, such as audit logs, access reports, and security incident tracking reports.
Last Updated: October 25, 2024
Security Management Process: Information System Audit
Description: Describes procedures used to review team members access to records and login attempts.
Last Updated: October 25, 2024
Security Management Process: Risk Analysis (Required)
Description: Defines the Risk Analysis process and key actions regarding the same.
Last Updated: October 24, 2024
Security Management Process: Risk Management (Required)
Description: Defines the Risk Management Program and its purpose.
Last Updated: October 25, 2024
Security Management Process: Risk Management Assignment (Required)
Description: Defines assignment of individual to implement the Security Management Plan.
Last Updated: October 25, 2024
Security Management Process: Risk Management Update
Description: Defines the requirement to update the Management Plan and the reasons that may trigger an update.
Last Updated: October 25, 2024
Security Management Process: Risk Updates
Description: Defines the Risk Analysis process and key actions regarding the same.
Last Updated: October 25, 2024
Security Management Process: Sanction Policy (Required)
Description: Defines appropriate against team members who fail to comply with the security policies and procedures.
Last Updated: October 24, 2024
Security Management Process: Website Privacy Policy
Description: Information needed to be posted in website.
Last Updated: October 25, 2024
Security Management: Risk Analysis (Required)
Description: Steps required to assess and prioritize risk analysis.
Last Updated: October 25, 2024
Security Management: Risk Management (Required)
Description: Risk Management Actions.
Last Updated: October 24, 2024
Security Management: Whistleblowers
Description: Describes basic treatment and protection of whistleblowers.
Last Updated: October 25, 2024
Unauthorized Release of Protected Health Information
Description: Breach Procedures.
Last Updated: October 24, 2024
Use Of Voice Assistants
Description: Policy covering the use and presence of voice assistants in the work area.
Last Updated: October 25, 2024
Website Privacy Policy
Description: Describes how patient information collected by our website may be used.
Last Updated: October 26, 2024
Workforce Security: Access Control
Description: Explain access procedures to team members.
Last Updated: October 24, 2024
Workforce Security: Authorization and/or Supervision (Addressable)
Description: Procedures for the authorization/supervision of team members who work with ePHI or in locations where it might be accessed.
Last Updated: October 26, 2024
Workforce Security: Clearance Policy
Description: Procedures for the screening of new employees prior to granting authorization and access to PHI.
Last Updated: October 24, 2024
Workforce Security: Policy on Policies
Description: This policy addresses the process for developing, issuing and maintaining our policies and applies to all team members and associates.
Last Updated: October 25, 2024
Workforce Security: Termination Procedures (Addressable)
Description: Secure data from those who are no longer authorized access.
Last Updated: October 25, 2024
Workstation Security (Required)
Description: Implements physical security for all workstations and portable devices that access PHI.
Last Updated: October 24, 2024
Workstation Use (Required)
Description: Define specific uses of workstations, basic considerations and authentication.
Last Updated: October 26, 2024
Workstation Use: Cell phones
Description: Control use and information of cell phones.
Last Updated: October 24, 2024
Workstation Use: Electronic Communication
Description: Identifies the proper use of available resources.
Last Updated: October 25, 2024
Workstation Use: Personal Digital Assistants (PDAs)
Description: Defines use of the PDAs that connect to the office network.
Last Updated: October 23, 2024
Workstation Use: Remote Access & Work at Home
Description: Specifies the physical attributes of workstations located outside the confines of the main office.
Last Updated: October 25, 2024
