You must have Adobe Acrobat Reader to view the links below. To download a free version of Acrobat please click above. NOTE: When the document opens, please click on the "Bookmarks" tab on the left hand side for easy navigation within the document.
INTRODUCTION (Reviewed March 2006)
PRIVACY STANDARDS (Reviewed March 2006)
Administrative Requirements
Privacy Official
Designated Record Set
Complaints
Sanctions
Reporting Violations
Safeguards
Printing, Copying, and Faxing Client Information
Disposal of Client Information
Training
Documentation
Office Management
Marketing
Employee Termination
Individual Client Rights
Access to information
Amendment of information
Restrictions on disclosures
Accounting of disclosures
Alternative communications
Use and Disclosure
Authorizations
Disclosures with “opt out”
Disclosures with no “opt out”
Other requirements
Minimum Necessary
Notice of Privacy Practices
Business Associates
SECURITY RULE (Reviewed March 2006)
Information Security Definitions
Administrative Safeguards
Risk Analysis
Risk Management
Sanction Policy
Information System Activity Review
Assigned Security Responsibility
Workforce Security
Information Access Management
Security Awareness and Training
Security Incident Procedures
Contingency Plan
Evaluation
Business Associate Contracts and Other Arrangements
Physical Safeguards
Facility Access Controls
Workstation Use
Workstation Security
Device and Media Controls
Technical Safeguards
Access Control
Audit Controls
Integrity
Person or Entity Authentication
Transmission Security
ELECTRONIC TRANSACTION AND CODE SETS (Reviewed March 2006)
NATIONAL PROVIDER AND EMPLOYER IDENTIFIERS (Reviewed March 2006)
APPENDICES
Notice of Privacy Practices (Reviewed March 2006)
Business Associates Agreement Cover Letter (Reviewed March 2006)
Business Associates Agreement (Reviewed March 2006)
CDC Acceptable Use Policy for Computers (Reviewed March 2006)
CDC Acqusition Assessment Policy (Reviewed March 2006)
Client Consent (Reviewed March 2006)
Complaint Form (Reviewed March 2006)
Computer Systems Security Policy
Confidentiality Form (Reviewed March 2006)
Electronic Data Disposal Policy (Reviewed March 2006)
Email Policy (Reviewed March 2006)
Fax Transmittal Form (Reviewed March 2006)
Guidelines on Anti-Virus Process (Reviewed March 2006)
Handy HIPAA Hints for Students (Reviewed March 2006)
Request for Accounting of Disclosures (Reviewed March 2006)
Request for Restricted Use or Alternative Communication Form (Reviewed March 2006)
Request to Access Information Forms (Reviewed March 2006)
Request to Amend Health Information Form (Reviewed March 2006)
Risk Analysis (Reviewed March 2006)
Risk Table (Reviewed March 2006)
Using Client Information in the Classroom (Reviewed March 2006)
