Start Your FREE Membership NOW
 Discover Proven Ways to Be a Better Medical Office Manager
 Get Our Daily eNewsletter, MOMAlert, and MUCH MORE
 Absolutely NO Risk or Obligation on Your Part -- It's FREE!

Upgrade to Premium Membership NOW for Just $90!
Get 3 Months of Full Premium Membership Access
Includes Our Monthly Newsletter, Office Toolbox, Policy Center, and Archives
Plus, You Get FREE Webinars, and MUCH MORE!

HIPAA resources and guidance

Complying with HIPAA’s privacy and security requirements can be complex and overwhelming. But the Department of Health and Human Services does provide some helpful guidance. Here’s a list of resources we found that might help you understand what’s required and plan your security programs:

   1.      HHS Security Rule guidance materials

This web page offers links to a series of educational papers addressing security requirements under HIPAA and specific HIPAA security guidance documents and publications by the National Institute of Standards and Technology (NIST)—a federal agency setting computer security standards for the government.

   2.      HIPAA combined regulations

This is a link to a document containing the HIPAA privacy and security regulations, current through March 2013. Be careful when relying on this document to check if there have been changes to any regulations since March 2013.

   3.     NIST HIPAA Security Rule Toolkit

This is a downloadable resource prepared by NIST to help organizations comply with the HIPAA Security Rule

   4.     Guidance on risk analysis requirements under the HIPAA Security Rule

This is a HIPAA Guidance document specifically addressing the risk analysis that must be performed to comply with the HIPAA Security Rule.

   5.     HIPAA Security Guidance on remote use

This is a HIPAA Guidance document specifically addressing remote or offsite access to covered entities’ electronic PHI, including use of portable devices by staff who aren’t telecommuters but have a need to access data when they are away from the office.

6.      Database of breaches

This web page provides a listing of self-reported security breaches of unsecured PHI that affect 500 or more individuals and were reported to HHS.









Try Premium Membership