93d20bb781
/wp-admin/options-general.php?page=emc2-popup-disclaimer/emc2pdc-admin.php
bd6b8e01fe
1053
0
Accept
Decline
http://hipaacow.org
shortcode_only
1
1

Your review or other use of the documents or other information or services on the HIPAA COW web site (collectively, the “Documents”) will be governed by the terms and conditions stated below. For the purposes of these terms and conditions, if the user is not an individual, then “You” or “you” will include the user’s company, its practitioners, officers, employees, members, agents, successors and assigns. As used below, “HIPAA COW” refers to HIPAA Collaborative of Wisconsin.

HIPAA COW may amend these terms and conditions at any time by posting the amended terms on HIPAA COW’s Web site.

These Documents are Copyright by the HIPAA Collaborative of Wisconsin. HIPAA COW retains full copyright ownership, rights and protection in all material contained in the Documents. You may use these Documents for your own purposes. They may be freely redistributed in their entirety provided that the copyright notice is not removed. When information from these Documents is used, HIPAA COW shall be referenced as a resource. They may not be sold for profit or used in commercial documents without the written permission of the copyright holder. These Documents are provided “as is” without any express or implied warranty. These Documents are for educational purposes only and do not constitute legal advice. If you require legal advice, you should consult with an attorney. Unless otherwise noted, HIPAA COW has not addressed all state pre-emption issues related to these Documents. Therefore, these Documents may need to be modified in order to comply with Wisconsin/State law.

Though HIPAA COW believes reasonable efforts have been made to ensure the accuracy of the information contained in the Document, it may include inaccuracies or typographical errors and may be changed or updated without notice. It is intended for discussion and educational purposes only and is provided “AS IS” WITHOUT WARRANTY OF ANY KIND AND RELIANCE ON ANY INFORMATION PRESENTED IS AT YOUR OWN RISK. HIPAACOW AND ITS CONTRIBUTORS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, AND ANY AND ALL PRODUCTS, SERVICES AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND NON-INFRINGEMENT. In no event shall HIPAA COW be liable for any direct, indirect, punitive, incidental, special, or consequential damages or damages for loss of profits, revenue, data, down time, or use, arising out of or in any way connected with the use of these Documents or performance of any services, whether based on contract, tort, negligence, strict liability or otherwise. If you are dissatisfied with any portion of the Document, or with any of these terms of use, your sole and exclusive remedy is to discontinue using the Document. If this limitation of liability or the exclusion of warranty is held inapplicable or unenforceable for any reason, then HIPAA COW’s maximum liability for any type of damages shall be limited to U.S. $100.00. This agreement shall be construed in accordance with the laws of the State of Wisconsin without regard to its conflict-of-law provisions. You hereby irrevocably consent to the exclusive jurisdiction and venue of courts in Dane County, Wisconsin for all disputes arising out of or relating in any way to the use of these Documents.

The listing of an organization or a Web link on the HIPAA COW web site does not imply any endorsement and HIPAA COW takes no responsibility for the products, tools, and Internet sites listed. A Document may contain links to other sites over which HIPAA COW has no control. The inclusion of any link does not imply endorsement by HIPAA COW of the site or the site’s contents or owner. By using any Document to search for or link to another site, you agree and understand that you may not make any claim against HIPAA COW for any damages or losses, whatsoever, resulting from your use of the Web site to obtain search results or to link to another site. The information and content provided by HIPAA COW is for informational purposes only. HIPAA COW disclaims any responsibility to update any information, including with respect to any new legal, business, or technology developments. The information is not intended to and does not constitute legal, financial, or other professional advice. HIPAA COW is not licensed to practice law in any jurisdiction and the accuracy, completeness, adequacy, or currency of the information is not warranted or guaranteed and any use of it is at your own risk. If you require legal advice, you should consult with an attorney.

HIPAA COW may terminate these terms and conditions and your use of these Documents at any time if you violate any provision of these terms and conditions. Termination of these terms and conditions will not affect any obligations that accrued before the termination. If you understand and accept these conditions of use, click “I Accept” to enter the HIPAA COW Sample Document Portal page.

Accept Decline


Privacy & Security Documents

PRIVACY AND SECURITY TOPIC

DELIVERABLE(s)

Access to Protected Health Information (PHI) 164.524
  1. Access Policy Doc
  2. Minors and Access Doc
  3. Charging for Copies and Summaries Doc
Accounting of Disclosures                                   164.528
  1. Accounting of Disclosures
Amendment                                                     164.526
  1. Amendment Policy
  2. Amendment Form
  3. Sample Letters for Amendment Policy
Auditing
  • Audit Controls 164.312(b)
  • Information System Activity Review 164.308(a)(a)(ii)(D)
  • Log-in Monitoring 164.308(a)(5)(ii)(C)
  • Protection from Malicious Software 164.308(a)(5)(ii)(B)
  1. Auditing Policy Doc
Authorization 164.508
  1. Explanation - Consent Doc
  2. Validity of Patient Authorization Doc
  3. Authorization Elements Grid PDF
  4. WI Authorization Form Doc
  5. Audio, Video and Photo Authorization Doc
  6. Position Statement: Issue of Requiring Authorization Forms to include Copy or Fax Doc

Breach Notification   Part 164 Subpart D

  • Sanction Policy 164.308(a)(1)(ii)(C)
  1. 2013 Omnibus Rule Version Breach Notification Policy - Compliance Date 9/23/13
  2. Privacy Officer Breach Notification Checklist
  3. ARRA/HITECH Breach Notification Policy 1-3-11
Business Associate
  • 164.308(b)
  • 164.314
  • 164.504(e)
  • HITECH Sections 13401(a), 13404, 13408
  1. BA Agreement Omnibus Rule
  2. Business Associate Policy
  3. BA Notification Letter
  4. BA Training PPT
Complaint  164.530(d)(1)
  1. Complaint Policy & Form Doc
Confidential Communications 164.522 (b)
  1. Patient Right to Request Confidential Communications Doc
Contingency Plan 164.308(a)(7)
  • Contingency Operations 164.310(a)(2)(i)
  • Emergency Access Procedure 164.312(a)(2)(ii)
  1. Contingency Planning Whitepaper Doc
Consumer Guide
  1. Wisconsin Consumer HIPAA Guide PDF
Data Management
  • Accountability 164.310(d)(2)(iii)
  • Data Backup and Storage 164.310(d)(2)(iv)
  • Data Backup Plan 164.308(a)(7)(ii)(A)
  • Device and Media Controls 164.310(d)
  1. Data Management & Backup Doc
De-Identification 164.514
  1. De-ID vs. LDS PDF
Designated Record Set  164.501
  1. Designated Record Set Doc
Device & Media Controls 164.310(d)
  • Disposal 164.310(d)(2)(i)
  • Media Re-use 164.310(d)(2)(ii)
  • Portable Media
  1. Device, Media, & Paper Record Sanitization for Disposal or Reuse Doc
  2. Portable Media Whitepaper Doc
E-mail
  1. Information on Secure Email
Employee Health
  1. Employee Health Whitepaper
Facility Access Controls 164.310(a)(1)
  • Access Control & Validation Procedures 164.310(a)(2)(iii)
  • Facility Security Plan 164.310(a)(2)(ii)
  1. Facility Access Policy Doc
Facility Directory 164.510(a)
  1. Release of PHI to the Media Doc
Facility Maintenance Records 164.310(a)(2)(iv)
  1. Facility Maintenance & Repairs Policy Doc
Fundraising  164.514(f)(1)
  1. Fundraising Policy Doc
Group Health Plan Requirements
  • 164.314(b)
  • 164.504(f)
  1. Plan Documents Policy Doc
Information Access Management 164.308(a)(4)(i)
  • Access Control 164.312(a)(1)
  • Access Establishment and Modification 164.308(a)(4)(ii)(C)
  • Authorization and/or Supervision   164.308(a)(3)(ii)(A)
  • Automatic Logoff 164.312(a)(2)(iii)
  • Isolating Healthcare Clearinghouse Function 164.308(a)(4)(ii)(A)
  • Password Management 164.308(a)(5)(ii)(D)
  • Person or Entity Authentication 164.312(d)
  • Termination Procedures 164.308(a)(3)(ii)(C)
  • Unique User Identification 164.312(a)(2)(i)
  • Workforce Clearance Procedure   164.308(a)(3)(ii)(B)
  • Workforce Security 164.308(a)(3)(i)
  • Workstation Use 164.310(b)
  1. System Access Policy
  2. Remote Access Policy
Judicial Proceeding 164.512(e)
  1. Judicial & Administrative Proceedings Doc
Law Enforcement 164.512(f)
  1. HIPAA & Wisconsin Law Enforcement PDF
  2. Drug Seeking Behavior Whitepaper
Limited Data Set  164.514
  1. De-ID vs. LDS PDF
Marketing  164.501
  1. Marketing Policy Doc
Minimum Necessary 164.514
  1. Minimum Necessary Training PPT
  2. Minimum Necessary Doc
Notice of Privacy Practice 164.520
  1. Privacy Notice Policy - Provider
  2. Model Privacy Notice - Provider
  3. Acknowledgement
  4. Privacy Notice Policy - Payer
  5. Model Privacy Notice - Payer
  6. Patient Privacy Rights Doc
  7. Patient Rights PPT
Occupational Health
  1. Occupational Health Whitepaper 4-15-13
Policies & Procedures
  • Privacy 164.530(i)
  • Security 164.316
  1. Example Policy & Procedure Template
  2. P&P Checklist xls
  3. Security Rules P&P Grid xls
  4. Security Audit Quick Start Guide Doc
  5. Security Audit Grid xls
Preemption with Wisconsin Law
  • Part 160 Subpart B
  1. Preemption Analysis Doc
  2. Preemption - WI 146 Pdf
  3. Preemption - WI 51.30 Pdf
  4. Preemption - WI 252 Pdf
  5. Preemption - WI 256.50 Doc
  6. Preemption Matrix (Payer) Doc
Privacy Officer  164.530(a)
  1. HIPAA Implementation & Oversight Doc
Psychotherapy Notes  164.508(a)(2)
  1. Psychotherapy Notes Auth - Policy Doc
Restriction Request  164.522 (a)
  1. Request Restrictions Doc
Risk Analysis & Management
  • 164.308 (a)(1)(ii)(A) and (B)
  • Evaluation 164.308(a)(8)
  • Meaningful Use – CMS EHR Incentive program
  • Protect Electronic Health Information Requirements
  • Safeguards - Administrative 164.306
  • Safeguards - Physical 164.310
  1. Risk Management Policy Doc
  2. Risk Toolkit Guide
  3. Risk Assessment Template
  4. Administrative Safeguard Scorecard Doc
  5. Physical Safeguards Scorecard Doc
  6. Privacy, Security, & Meaningful Use Questions to Ask Vendors Doc
Safeguards  164.530 (c)
  1. Communication of PHI Policy Doc
Security Incident Procedures 164.308(a)(6)
  • Security Management Process 164.308(a)(1)(i)
  1. Security Incident Response Doc

Also Refer to Breach Notification Section

Security Oversight:
  • General Rules 164.306
  • Policies & Procedures & Documentation Requirements 164.316
  • Security Awareness and Training 164.308(a)(5)(i)
  • Security Reminders 164.308(a)5)(ii)(A)
  • Sanction Policy 164.308(a)(1)(ii)(C)
  1. HIPAA Oversight Policy Doc
  2. Security Benchmarking Whitepaper

Also Refer to Training Section

Social Media
  1. Social Media Whitepaper
Technical Access Control:
  • Encryption 164.312(e)(2)(ii)
  • Encryption and Decryption 164.312(a)(2)(iv)
  • Integrity 164.312(c)
  • Integrity Controls 164.312(e)(2)(i)
  • Transmission Security 164.312(e)(1)
  1. Encryption Whitepaper
Training
  • 164.530(b)(1)
  • 164.308(a)(5)
  1. HIPAA Overview PPT
  2. Example Privacy & Security Training Session PPT
  3. Example Privacy & Security Training Session Review Questions Doc
  4. Administrative Requirements PPT

Also Refer to Security Oversight Section

Treatment Uses and Disclosures  164.506
  1. Position Statement: Disclosing PHI for Treatment Purposes Doc
Verification of Identity 164.514(h)
  1. Verification P&P Doc
Workers Compensation  164.512(l)
  1. Workers Comp Policy Doc

Password Reset

Please enter your e-mail address. You will receive a new password via e-mail.