This policy is listed for reference only and should be reviewed with your lawyer before implementing them into daily practice. We are not lawyers and are not providing any legal advice. View our legal disclaimer.

Security Management Process: Catalog and Settings

Reference: §164.308 (a)(1)(ii)(A)

Last Updated: October 25, 2024

Purpose

The purpose of the Catalogue and Settings Policy is:

To ensure all hardware and software containing ePHI has been accounted.
To assign a reliable party to be responsible for the accountability and security of ePHI as it resides or it’s used within the different systems.
To ensure all security settings are available and have been enable.

Policy

Procedure: The Security Manager or delegated representative shall ensure that all software and hardware handling electronic PHI (ePHI) is accounted for, has security settings and that the same settings have been enabled.

Conduct audit to ensure that all relevant equipment and software has been accounted for;
Update audits on an annual basis or as if needed in case of changes;
Maintain a written record of the analysis/assessment for 7 years.

Simplify Your Compliance with
Software and Guided Coaching

Let your patients and clients know that you take HIPAA seriously with the HIPAA Seal of Compliance for your website, storefront, and marketing materials.

hipaa compliance verification seal of compliance.png

Sign Up with
Compliancy Group

Get instant access to HIPAA Compliance News and Updates

You'll get your first checklist as soon as you sign up!

Our Mission

To safeguard medical data by providing secure, reliable, and fully HIPAA-compliant hosting solutions, enabling healthcare professionals to focus on their primary mission of providing care.

Products

Resources

Specialties
Events & Webinars
Resource Hub - Coming Soon

Company

HIPAA Compliant Hosting

The premier choice for HIPAA Compliant Hosting services in the United States.

Privacy Policy | Terms of Use | Accessibility Statement