Health Insurance Portability and Accountability:
Subpart C Section 164.306 (c) of the Health Insurance Portability and Accountability Act (HIPAA) requires covered entities to comply with specific security standards with respect to all electronic protected health information. This section highlights the templates from the Best Practice Policy Framework library (for example, policy and standards controls) that are needed to create, implement, and maintain an Information Security Program that complies with HIPAA.
HIPAA Policy Sample Library
This section provides sample Policy Framework templates (for example, Program Charter, policies, and standards) that are needed to create, implement, and maintain an Information Security Program that complies with HIPAA Subpart C Sections 164.308, 164.310, 164.312, and 164.316.
- HIPAA Policy References: This section provides templates for an Information Security Program Charter and supporting policies that define the specific objectives required to create, implement, and maintain an Information Security Program that complies with HIPAA (Subpart C Sections 164.308, 164.310, 164.312, and 164.316). Policies provide the necessary authority to establish and implement technology- and solution-specific standards.
- HIPAA Standard References: This section provides templates for the standards that are required to comply with HIPAA (Subpart C Sections 164.308, 164.310, 164.312, and 164.316) and support the objectives established in the policies located in the HIPAA Policies section.
--Mdpeters 09:07, 14 July 2006 (EDT)
This document provides guidance on Standards for Privacy of Individually Identifiable Health Information, Security Standards for the Protection of Electronic Protected Health Information, and General Administrative Requirements Including, Civil Money Penalties: Procedures for Investigations, Imposition of Penalties, and Hearings. Media:Final_Privacy_Rule_Regulations.pdf