HIPAA Compliance Checklist
If you’re handling protected health information (PHI) then you need to be HIPAA compliant.
What’s next? What steps do you need to take in order to become HIPAA compliant?
This checklist will help get you started.
TrueVault provides a simple REST API that can be used to store and retrieve any amount of data, at any time, from anywhere on the web.
It gives developers the freedom to create applications that require regulatory compliance without worrying about regulatory compliance.
Learn more at truevault.com
HIPAA Security Rule
The HIPAA Security Rule requires appropriate Administrative, Physical, and Technical Safeguards to ensure the confidentiality, integrity, and security of protected health information (PHI).
Security Awareness and Training - Security Reminders (addressable): Periodically send updates and reminders about security and privacy policies to employees.
Security Awareness and Training - Protection Against Malware (addressable): Have procedures for guarding against, detecting, and reporting malicious software.
Security Awareness and Training - Login Monitoring (addressable): Institute monitoring of logins to systems and reporting of discrepancies.
Security Incident Procedures - Response and Reporting (required): Identify, document, and respond to security incidents.
HIPAA Privacy Rule
individuals’ medical records and other personal health information and applies to health plans, healthcare clearinghouses, and those health care providers that conduct certain health care transactions electronically.
Summary
1. Put safeguards in place to protect patient health information.
2. Reasonably limit uses and sharing to the minimum necessary to accomplish your intended purpose.
3. Have agreements in place with any service providers that perform covered functions or activities for you.
4. Have procedures in place to limit who can access patient health information, and implement a training program for you and your employees about how to protect your patient health information.
Sources
https://www.truevault.com/blog/how-do-i-become-hipaa-compliant.html