HIPAA
POLICIES AND PROCEDURES
ALPHABETICAL INDEX
As of December 15, 2014

Privacy and Security (Administration, Physical and Technical) Policies
Policies are listed in Alphabetical Order regardless of Number.

 


A. Privacy

Business Associates PRI102 (U08/31/09)
Fundraising and Protected Health Information PRI114 (U08/31/09)
      Form-  No Further Development Communication Form

Minimum Necessary Disclosures of PHI PRI110 (U08/31/09)
     FormRoutine and Recurring Disclosure of PHI Not Related to Treatment (R05/15)

     Form - Non-Treatment Related Disclosure of Entire Medical Records (Rev05/15)

Minimum Necessary Requests for PHI PRI111 (U08/31/09)
     FormNon Treatment Related Request of Medical Records (R09/09)

     Form: Routine and Recurring Requests of PHI Not Related to Treatment (Rev05/15)

Minimum Necessary Uses of PHI PRI109 (U08/31/09)
     FormRole Based Minimum Necessary PHI for Treatment Rev 05/15

     Form: Role Base Minimum Necessary Uses of PHI for Operations (Rev 05/15)

   Form - Role Based Minimum Necesary Uses of PHI for Payment (Rev 05/15)

Notice of Privacy Practices PRI100 (U08/31/09)
      Form - Notice of Privacy Practices for Patients (Rev03/13/13)

Patient Privacy and Marketing PRI113 (U08/31/09)
     FormRecord of Individual No Further Marketing Communication R0909

Patient Privacy Rights PRI103 (U08/31/09)

Patient Requests for Access to Health Information for Inspection and/or Copying PRI106 (U08/31/09)
     FormAcceptance of Request for Access to PHI R09/09
     FormRequest for Access to PHI R09/09

     Form- Denial of Request for Access to PHI (Rev05/15)

Patient Requests for Confidential Communications PRI105 (U08/31/09)
     FormEmail Permission Form N1-12
     FormRequest for Confidential Communication R09/09

Patient Requests for Restrictions on the Use and Disclosure of PHI  PRI104 (U08/31/09)
     FormRequest for Restrictions R09/09

Patient Requests to Amend Health Care Information PRI107 (U08/31/09)
     FormAcceptance to Request to Amend PHI R09/09

      Form-Denial of Request to Amend PHI (Rev 05/15)

Privacy of the Heath Information of Deceased Patients PRI115 (U08/31/09)

Privacy Training for Staff and Volunteers PRI116 (U08/31/09)

Requests for an Accounting of Disclosures of Health Care Information PRI108 (U08/31/09)

Sanctions for Privacy Violations PRI112 (U08/31/09)

Use of Authorizations PRI101 (U08/31/09)
     FormPatient Authorization Form (R08/08)
    FormRevocation of Authorization (R09/09)

B. Security

     1. Administrative

Business Associates SEC200 (U08/10)
Evaluation SEC201 (U08/10)
Information Access Management SEC 202 (U08/10)
Information System Activity Review SEC 207 (U08/10)
Password Management SEC 204 (R12/14)
Protection from Malicious Software SEC205(U11/10)
Risk Analysis SEC208 (U08/10)
Risk Management SEC209 (U08/10)
Sanction Policy SEC 210 (U11/10)
Security Awareness and Training SEC203 (U08/10)
Security Incidents SEC 206 (U08/10)

      Form: Risk Assessment Worksheet (Rev 06/15)

     Form: Security Incident Report (Rev 02/13)

     Form: Security Incident Report Log (Rev 06/15)

Workforce Security SEC 211 (U08/10)

    Form: Termination of Computer Access Checklist (Rev 08/10)

     2. Physical

Device and Media Control SEC212  (U11/10)
Facility Access Controls SEC 213 (U08/10)
Workstation Use and Workstation Security SEC214  (U11/10)

    3. Technical

Integrity of Electronic Protected Health Information  SEC216 (U11/10)
Person or Entity Authentication SEC 217 (U11/10)
Technical Access Control SEC215 (U11/10)
Transmission Security SEC218 (U11/10)