Business Associate HIPAA Compliance Tool (Less than 50 employees)
Supremus Group has different templates to help you with your HIPAA compliance. Below you will find all the HIPAA compliance tools which will help your organization jump-start your HIPAA compliance requirement project and save you a lot of time and thousands of dollars. Policies and procedures are updated for the new ARRA’s HITECH Act and Omnibus Rules of 2013.
1) Small Business HIPAA Security Contingency Plan Template Suite
2) HIPAA Security Policies Template Suite
3) HIPAA Privacy Policies & Procedures Template Suite
4) HIPAA Risk Analysis Template Suite
5) HIPAA Audit Templates Suite
1) SMALL BUSINESS HIPAA SECURITY CONTINGENCY PLAN TEMPLATE SUITE
The contingency plan template suite can be used for Disaster Recovery Planning (DRP) & Business Continuity Plan (BCP) by any organization to comply with the requirements of HIPAA and JCAHO. Organizations with less than 50 employees can use this template suite and adapt to their environment.
- Business Impact Analysis (BIA)
- Risk Assessment
- Data Backup and Storage Plan
- Disaster Recovery Plan (DRP)
- Business Continuity Plan (BCP)
- Emergency Mode Operation Plan (EMOP)
- Business Resumption Plan examples for depts. like Accounting, Human resources, etc
- Policies and procedures
- Department Disaster Recovery Activation
2) HIPAA SECURITY POLICY TEMPLATE SUITE
We have developed 71 security policies, including 60 security policies & procedures required by HIPAA Security regulations and additional 11 policies, checklists, and forms as supplemental documents to the required policies. These policies meet the challenges of creating enterprise-wide security policies. The suite addresses all major components of the HIPAA Security Rule, and each approach can be adopted or customized based on your organization’s needs. Policies and procedures are updated for the new ARRA’s HITECH Act and Omnibus Rules of 2013.
The main sections are:
- Policies on the Standards for Administrative Safeguards
- Policies on the Standards for Physical Safeguards
- Policies on the Standards for Technical Safeguards
- Organizational Requirements
- Supplemental Policies for Required Policies
A covered entity must develop and implement policies and procedures appropriate to the entity’s business practices and workforce that reasonably minimize the amount of protected health information used, disclosed, and requested;” – HIPAA Privacy Rule 45 CFR Part 160. Policies and procedures are updated for the new ARRA’s HITECH Act and Omnibus Rules of 2013.
All policies are available in MS Word format and can be easily modified per your requirements. Each template is presented in a standard format reflecting critical organizational functions to consider in HIPAA remediation.
These policies cover all the major areas like:
General policies regarding the use and disclosure of PHI
- The minimum necessary rule for the use and disclosure of PHI
- Patient rights regarding their own PHI
- Uses and disclosures not requiring patient authorization
- Exceptional cases for restriction of uses and disclosures of PHI
- Organizational issues and safeguards Objective of HIPAA Security Risk Analysis
4) HIPAA SECURITY RISK ANALYSIS TEMPLATE SUITE
Risk Analysis is often regarded as the first step toward HIPAA compliance. Risk analysis is a required implementation specification under the Security Management Process standard of the Administrative Safeguards portion of the HIPAA Security Rule as per Section 164.308(a)(1). Covered entities will benefit from a practical Risk Analysis and Risk Management program beyond being HIPAA compliant. Compliance with HIPAA is not optional… it is mandatory to avoid penalties.
HIPAA Security Risk Assessment Template Suite has the following templates:
- Asset Inventory Worksheet
- Risk Analysis Checklist
- Risk Analysis Sample Final
- Risk Analysis Template
- Risk Assessment Executive Presentation
- Threat Matrix Worksheet
5) HIPAA AUDIT TEMPLATE SUITE
The HIPAA Security Rule requires organizations, at a minimum, to conduct periodic internal audits to evaluate processes and procedures intended to secure confidential or “protected health information” (PHI) (45 CFR 164.308(a)(8)). It is often advisable to seek an external review or audit but the provisions of the security rule do not specifically require this. In most cases, this will be determined by the size of the organization, line of business, and, sometimes, contract requirements (i.e., Medicare, Medicaid, etc.). The audit determines if an organization has adequately documented administrative, physical, and technical security practices, policies, and procedures and generally meets the rule’s requirements.
List of documents for HIPAA Audit Template:
- HIPAA Comprehensive Audit Checklist
- HIPAA Privacy & Security Audit Report – Sample
- HIPAA Security Abbreviated Audit Checklist final
- HIPAA Security Audit Executive Presentation
- Information Security Audit Template
Contact Bob Mehta at (515) 865-4591 for multiple site licenses or templates for discounted pricing.
All orders placed after 11 a.m. CST Monday through Friday will process by the next business day, except for New Year’s Day, Memorial Day, Independence Day, Labor Day, Thanksgiving Day, and Christmas Day. International shipping may take additional days.
If you need urgent product delivery, please call us at (515) 865-4591, and we will try to email you the product as soon as possible. Please notify in the comments section or send an e-mail to Bob@training-HIPAA.Net