RCOE

Communication Disorders Clinic

HIPAA Manual

Sunday, November 22, 2009

HIPAA MANUAL

 

You must have Adobe Acrobat Reader to view the links below.  To download a free version of Acrobat please click above. NOTE: When the document opens, please click on the "Bookmarks" tab on the left hand side for easy navigation within the document.

INTRODUCTION (Reviewed and Modified November 2009)                             

 

PRIVACY STANDARDS (Reviewed and Modified November 2009)

          Administrative Requirements

                          Privacy Official

                          Designated Record Set

                          Complaints

                                   Sanctions

                          Reporting Violations

                          Safeguards                                                                                   

                          Printing, Copying, and Faxing Client Information                         

                          Disposal of Client Information                                                     

                          Training                                                                                      

                          Documentation                                                                            

                          Office Management                                                                     

                          Marketing                                                                                    

                          Employee Termination                                                                 

           Individual Client Rights                                                                          

                          Access to information                                                                  

                          Amendment of information                                                          

                          Restrictions on disclosures                                                           

                          Accounting of disclosures                                                            

                          Alternative communications                                                           

           Use and Disclosure                                                                                 

                          Authorizations                                                                             

                          Disclosures with “opt out”                                                           

                          Disclosures with no “opt out”                                                       

                          Other requirements                                                                      

        Minimum Necessary                                                                               

        Notice of Privacy Practices                                                                     

Business Associates
 Breaches                                                                      

 

SECURITY RULE (In Review)              

        Information Security Definitions

        Administrative Safeguards      

                          Risk Analysis

                          Risk Management

                          Sanction Policy                                                                             

                          Information System Activity Review

                          Assigned Security Responsibility                                                     

                          Workforce Security                                                                          

                          Information Access Management                                                    

                          Security Awareness and Training                                                    

                          Security Incident Procedures

                          Contingency Plan

                          Evaluation

                          Business Associate Contracts and Other Arrangements                     

             Physical Safeguards

                          Facility Access Controls

                          Workstation Use

                          Workstation Security

                          Device and Media Controls

             Technical Safeguards

                          Access Control

                          Audit Controls

                          Integrity

                          Person or Entity Authentication

                          Transmission Security

 

ELECTRONIC TRANSACTION AND CODE SETS (In Review)

NATIONAL PROVIDER AND EMPLOYER IDENTIFIERS (In Review)


APPENDICES (In Review)

    Notice of Privacy Practices

    ASU Computer Usage Policy

    ASU Emergency Response Plan

    ASU Risk Assessment Policy

    Business Associates Agreement Cover Letter

    Business Associates Agreement

    CDC Acceptable Use Policy for Computers

    CDC Acquisition Assessment Policy

    Client Consent

    Complaint Form

    Computer Systems Security Policy

    Confidentiality Form

    Electronic Data Disposal Policy

    Email Policy

     Fax Transmittal Form

     Guidelines on Anti-Virus Process

    Handy HIPAA Hints for Students

    Request for Accounting of Disclosures

    Request for Restricted Use or Alternative Communication Form

    Request to Access Information Forms

    Request to Amend Health Information Form

    Risk Analysis

    Risk Table

    Using Client Information in the Classroom

 

(Return to Top)

 

 

© Copyright 2009 Reich College of Education. Appalachian State University.