Start Your FREE Membership NOW
 Discover Proven Ways to Be a Better Medical Office Manager
 Get Our Daily eNewsletter, MOMAlert, and MUCH MORE
 Absolutely NO Risk or Obligation on Your Part -- It's FREE!

Upgrade to Premium Membership NOW for Just $90!
Get 3 Months of Full Premium Membership Access
Includes Our Monthly Newsletter, Office Toolbox, Policy Center, and Archives
Plus, You Get FREE Webinars, and MUCH MORE!

HIPAA compliance checklist

Having a complete HIPAA compliance program is important to your organization. Run through this HIPAA compliance checklist to see if you have your foundation of HIPAA compliance in place and easily retrievable.

HIPAA Policies and Procedures

  1. HIPAA privacy policies, procedures, and forms
  2. HIPAA security policies, procedures, and forms
  3. HIPAA Breach Notification policy and procedure
  4. Most recent Notice of Privacy practices
  5. Privacy officer’s job responsibilities and contact information
  6. Security officer’s job responsibilities and contact information

HIPAA workflows and evidence of compliance

  1. Most recent HIPAA Risk Analysis
  2. Most current HIPAA risk mitigation/risk management documentation
  3. Business Associate agreements with list of Business Associates
  4. Workforce HIPAA training, periodic HIPAA updates, HIPAA training log
  5. Password policies by system
  6. Workstation security practices (anti-virus, password requirement, password timeframes, workstation use, etc.)

HIPAA documentation specific to the organization

  1. List of all software systems containing Protected Health Information
  2. List of all hardware used in the organization (laptops, computers, servers, tablets, printers, etc.)
  3. List of all devices and systems that use encryption, including type of encryption
  4. List of security measure for secure data transmission (example: encrypted email)
  5. List of all users and access into systems with Protected Health Information (PHI)
  6. Contingency plan (disaster recovery plan)
  7. Faculty security plan and office layout

This is not an all-inclusive list to what may be requested during a HIPAA audit. This is a list of recommended documentation that should be gathered and stored in a central location to assist with ease of documentation gathering during a HIPAA audit. Checklist courtesy of Planet HIPAA.










Try Premium Membership