HIPAA Security Policies Template Suite

On 20th February 2003 the final HIPAA Security was published and required all the healthcare organizations to make sure their procedures and policies were consistent to the law requirement on security rule and that their workers/employees were able to implement them at their work place in their daily activities.

The HIPAA Security rule is very specific to the implementation, development and the changing of policies and procedures. According to the Standards on Policies and procedures, American Recovery and Reinvestment Act of 2009 (ARRA)’s HITECH act, and Omnibus rule of 2013 a covered entity has to ensure the implementation of policies and procedures in regards to their handling of protected health information which also has to meet the specifications, standards and requirements of this subpart. In order to ensure full compliance a covered entity has to make sure its policies and procedures are tailored according to the size and the kind of activities related to its protected health information. This standard cannot be construed in a manner that may permit or excuse violation of implementation specifications and any other requirement in this subpart.

So we have 71 HIPAA Security policies in which 60 of them include security policies and procedures stipulated under HIPAA Security regulation and an extra of 11 policies which contain checklist, forms and policies which act as supplemental documents of the required policies. The policies do address the challenges faced by enterprises on implementing security policies and procedures and also all the main facets of HIPAA Security rule where each policy can be tailored to meet an organization’s HIPAA compliance needs.

I. Policies on the Standards for Administrative Safeguards

  • Breach Notification Policy
  • Security Management Process
  • Risk Analysis
  • Risk Management
  • Sanction Policy
  • Information System Activity Review
  • Assigned Security Responsibility
  • Workforce Security
  • Authorization and/or Supervision
  • Workforce Clearance Procedure
  • Termination Procedures
  • Information Access Management
  • Access Authorization
  • Access Establishment and Modification
  • Security Awareness & Training
  • Security Reminders
  • Protection from Malicious Software
  • Log-in Monitoring
  • Password Management
  • Security Incident Procedures
  • Response and Reporting
  • Contingency Plan
  • Data Backup Plan
  • Disaster Recovery Plan
  • Emergency Mode Operation Plan
  • Testing and Revision Procedure
  • Applications and Data Criticality Analysis
  • Evaluation
  • Business Associate Contracts and Other Arrangements
  • Business Associate Agreement
  • Execution of Business Associate Agreements with Contracts

II. Policies on the Standards for Physical Safeguards

  • Facility Access Controls
  • Contingency Operations
  • Facility Security Plan
  • Access Control and Validation Procedures
  • Maintenance Records
  • Workstation Use
  • Workstation Security
  • Device and Media Controls
  • Disposal
  • Media Re-use
  • Mobile Device Policy
  • Accountability
  • Data Backup and Storage

III. Policies on the Standards for Technical Safeguards

  • Access Control
  • Unique User Identification
  • Emergency Access Procedure
  • Automatic Logoff
  • Encryption and Decryption
  • Audit Controls
  • Integrity
  • Mechanism to Authenticate Electronic Protected Health Information
  • Person or Entity Authentication
  • Transmission Security
  • Integrity Controls
  • Encryption

IV. Organizational Requirements

  • Policies and Procedures
  • Documentation
  • Isolating Healthcare Clearinghouse Function
  • Group Health Plan Requirements

V. Supplemental Policies for Required HIPAA Policies

  • Wireless Security Policy
  • Email Use Policy
  • Analog Line Policy
  • Dial-in Access Policy
  • Automatically Forwarded Email Policy
  • Remote Access Policy
  • Ethics Policy
  • VPN Security Policy
  • Extranet Policy
  • Internet DMZ Equipment Policy
  • Network Security Policy

Total cost: $495 Buy Now (Opens in New Window)

The templates are developed in MS word and Excel to enable customization of these documents to the organization HIPAA Security Policies requirements. If you have any questions, or if you wish to see samples from suite, please feel free to contact us at bob@hipaacompliancesoftware.net or call on (515) 865-4591.


Supremus Group LLC
855 SE Bell Ct, Suite 300
Waukee, IA 50263
Tel : (515) 865-4591 | Fax: (515) 221-2363
Email: bob@hipaacompliancesoftware.net
copyright 2009-2014 hipaacompliancesoftware.net . All rights reserved.