HIGH PEAKS HOSPICE

HIPAA
POLICIES AND PROCEDURES
ALPHABETICAL INDEX
As of May 8, 2018

Updated with New Logo 09/01/18

Privacy and Security (Administration, Physical and Technical) Policies
Policies are listed in Alphabetical Order regardless of Number.

 A. Privacy

         Authorization for the Use and Disclosure of Protected Health Information PRI 101 (Updated 09/01/18)

     Form - Patient Authorization Form (Rev 09/18)
     Form - Revocation of Authorization (Rev 09/18)

Breach Notification Requirements for Protected Health Information PRI 117 (Updated 09/01/18)

Business Associates PRI102 (Updated 09/01/18)

Fundraising and Protected Health Information PRI114 (Updated 09/01/18)
      Form-  Record of Individual Who have Requested No Further Fundraising Communication (Rev 09/18) 

Marketing and Protected Health Information PRI 113 (Updated 09/01/18) 

     Form - Record of Individual No Further Marketing Communication (Rev 09/18)

Minimum Necessary Disclosures of PHI PRI110 (Updated 09/01/18)
        Form - Non-Treatment Related Disclosure of Entire Medical Records (Rev 09/18)

       Form - Routine and Recurring Disclosure of PHI Not Related to Treatment (Rev 09/18)

Minimum Necessary Requests for PHI PRI111 (Updated 09/01/18)

     FormNon Treatment Related Request of Medical Records (Rev 09/18)

     Form: Routine and Recurring Requests of PHI Not Related to Treatment (Rev 09/18)

Minimum Necessary Uses of PHI PRI109 (Updated 09/01/18)

Notice of Privacy Practices PRI100 (Upd 09/01/18)

      Form - Notice of Privacy Practices for Patients (Rev 09/01/18)

       Form - Receipt of Notice of Privacy Practices (Rev 09/18)

 Patient Privacy Rights PRI103 (Upd 09/01/18)

 Patient Requests for Access to Health Information for Inspection and/or Copying PRI106 (Upd 09/01/18)

          FormRequest for Access to PHI Rev 09/18 

          Letter - Acceptance of Request for Access to PHI Rev 09/18 Contact Privacy Official

         Letter - Denial of Request for Access to PHI (Rev 09/18) Contact Privacy Official

 Patient Requests for Confidential Communications PRI105 (Upd 09/01/18)

     FormPermission For Emai Communication (Rev 09/18)
     FormRequest for Confidential Communication (Rev 09/18)

Patient Requests for Restrictions on the Use and Disclosure of PHI  PRI104 (Upd 09/01/18)
     FormRequest for Restrictions onUse/Disclosure of PHI (Rev 09/18)

Patient Requests to Amend Health Care Information PRI107 (Upd 09/01/18)
     Letter - Acceptance to Request to Amend PHI (Re 09/18) Contact Privacy Official

     Letter - Denial of Request to Amend PHI (Rev 09/18) Contact Privacy Official

Privacy of the Heath Information of Deceased Patients PRI115 (Upd 09/01/18)

Privacy Training for Staff and Volunteers PRI116 (Upd 09/01/18)

Requests for an Accounting of Disclosures of Health Care Information PRI108 (Upd 09/01/18)

Sanctions for Privacy Violations PRI112 (Upd 09/01/18)

B. Security 

                1. Administrative

           Business Associates SEC200 (Upd 09/01/18)

           Evaluation SEC201 (Upd 09/01/18)

           Information Access Management SEC 202 (Upd 09/01/18)

           Information System Activity Review SEC 207 (Upd 09/01/18)

           Password Management SEC 204 (Upd 09/18)

           Protection from Malicious Software SEC205(Upd 09/01/18)

           Risk Analysis SEC208 (Upd 09/01/18)

           Risk Management SEC209 (Upd 09/01/18)

           Sanctions SEC 210 (Upd 09/01/18)

           Security Awareness and Training SEC203 (Upd 09/01/18)

           Security Incidents SEC 206 (Upd 09/01/18)

             Form: Risk Assessment Worksheet (Rev 09/18)

             Form: Security Incident Report (Rev 09/18)

             Form: Security Incident Report Log (Rev 09/18)

         Workforce Security SEC 211 (Upd 09/01/18)

             Form: Termination of Computer Access Checklist (Rev 09/18)

     2. Physical

Device and Media Control SEC212  (Upd 09/01/18)

Facility Access Controls SEC 213 (Upd 09/01/18)

Workstation Use and Workstation Security SEC214  (Upd 09/01/18)

     Form - Guidelines for the Acceptable Use and Security of Workstation (Rev 09/18)

    3. Technical

Integrity of Electronic Protected Health Information  SEC216 (Upd 09/01/18)

Person or Entity Authentication SEC 217 (Upd 09/01/18)

Technical Access Control SEC215 (Upd 09/01/18)

Transmission Security SEC218 (Upd 09/01/18)