HIPAA Security Compliance Tools

Theodora Oringher Miller & Richman PC has a comprehensive package of HIPAA Security Compliance Tools designed to help your organization comply with the HIPAA Security Rule in the quickest and most efficient manner possible. Our Security Compliance Tools offer a number of advantages:

  • Huge Timesaver. Use of our Security Compliance Tools will allow you to save a great deal of time (and money) on policy and document development – you can focus on adapting and implementing security policies, rather than drafting them
  • Implementation Advice. Our Security Compliance Tools provide you with lots of detailed implementation advice to create an effective security environment
  • Integrated Approach. The components of our Security Compliance Tools are fully integrated with each other, and represent the most efficient way to approach HIPAA compliance
  • References to Useful Resources. Each of our Model Policies and Procedures includes references to National Institutes of Standards and Technology best practices, implementation standards, applicable federal laws and regulations, and specific HIPAA Security Rule requirements

The Firm has assisted all types of covered entities with HIPAA issues, including those relating to the Security Rule and Privacy Rule. Our broad-based understanding of the operations of health care organizations enables us to develop practical solutions for HIPAA compliance. We counsel clients on transactional, regulatory, and operational matters related to the HIPAA privacy and security standards.

Security Rule

The Security Rule requires a covered entity to ensure the confidentiality, integrity and availability of electronic protected health information. Effective April 21, 2005 (April 21, 2006 for "small" health plans, as defined by HIPAA), the Security Rule requires covered entities to carefully review and document their security systems (both electronic and physical). An overview of the model documents we developed to assist you in your Security Rule implementation efforts can be found below.

Security Compliance Tools

Licensees of our HIPAA Security Compliance Tools receive:

  • HIPAA Security Rule Standards and Risk Assessment Tool. A summary of each of the HIPAA Security Rule standards and a Risk Assessment survey tool that will assist you in identifying security vulnerabilities that should be addressed in the development and implementation of your HIPAA Security Program
  • HIPAA Security Compliance Workplan. A HIPAA Security Workplan, a comprehensive overview of the Security Rule, and instructions on how customize the model policies and procedures to match your business operations
  • Model Policies and Procedures. Over 35 Model Policies and Procedures, closely integrated with the Workplan, to help document the health care organization's compliance efforts
  • Forms, Logs and Checklists. Numerous forms, logs and checklists to assist you in documenting compliance with various HIPAA Security Rule requirements
  • HIPAA Security Compliance Checklist. A checklist of each of the HIPAA Security Rule Standards and specific requirements related thereto to be utilized for ensuring that your policies, procedures and overall security plan addresses all of the requirements
  • Contracts. A business associate contract that covers HIPAA Privacy Rule and Security Rule issues; a business associate contract addendum that only covers HIPAA Security Rule issues; a third party connection contractual agreement; a workforce confidentiality agreement; and related HIPAA security policies.
  • Glossary. A handy reference to the terms used under the HIPAA Security Rule
  • All on a CD. Best of all, the Compliance Tools are provided in Microsoft Word format on a CD-ROM, ready for your customization

Our Security Compliance Tools include the following sample Policies and Procedures, Forms and Contracts:

Administrative Safeguards

  • Assigned Security Responsibility
  • Contingency Planning
  • Evaluation (formerly known as "certification")
  • Information Access Management – Isolating Clearinghouse Functions
  • Information Access Management – Access Establishment and Modification
  • Security awareness and Training
  • Security Policy Training Checklist
  • Security Training Documentation Form
  • Security Incident Procedures – Response and Monitoring
  • Security Incident Report Form
  • Security Incident Log
  • Security Management Process – Risk Analysis and Risk Management
  • Security Management Process – Sanction Policy
  • Security Management Process – Information System Activity Review
  • Workforce Security – Authorization and/or Supervision
  • Workforce Security – Workforce Clearance
  • Workforce Security – Termination/Change
  • Workforce Termination Checklist
  • Policy Creation and Documentation

Physical Safeguards

  • Device and Media Controls – Media Re-use and Disposal
  • Device and Media Controls – Inventory and Accountability
  • Device and Media Controls – Data Backup and Storage
  • Workstation Use
  • Workstation Security
  • Facility Access – Facility Security
  • Information System Access Control
  • Maintenance of Records

Technical Safeguards

  • Access Control – Unique User ID
  • Access Control – Emergency Access
  • Access Control – Automatic Logoff
  • Access Control – Encryption and Decryption
  • Access Control – Remote Access
  • Access Control – Password Policy
  • Access Control – Wireless Access
  • Audit Controls
  • Integrity – Authentication of Electronic Protected Health Information
  • Integrity – Person or Entity Authentication
  • Transmission Security – Integrity Controls
  • E-mail Use and Security

Miscellaneous

  • Business Associate Agreement Policy and Contract/Addendum
  • Third Party Connection Policy and Contract
  • Workforce Confidentiality Agreement

Ordering Information

You can obtain the HIPAA security compliance tools for only $499. Please contact Michael A. Dowell at mdowell@tocounsel.com or (310) 557-2009 for ordering information. Other HIPAA Security Legal Services are available upon request.