Models, Samples, & Templates
GENERAL
HIPAA Gap Assessment/Risk
Analysis checklist for providers from Phoenix HIPAAsolutions
staff
HIPA-A-B-C's for
Small Providers - a user-friendly outline of the HIPAA essentials
every provider should know from Phoenix HIPAA solutions staff
Our sample Half-Day
Department Head/ Management HIPAA Presentation gives an
in-depth educational session for all managers, department heads
and professional staff. At a minimum, this should include a discussion
of HIPAA's implications department-by-department, and a high-level
action plan.
Model forms, policies, procedures and agreements  from the Southern Healthcare Administrative Regional
Process (SHARP) Workgroup, including:
- Authorizations for Use or Disclosure/Release of Information
- Notices of Privacy Practices
- Privacy and Security Policies and Procedures
- Chain of Trust Agreement
- Small Practice Employee HR Manual
- HR Policies and Procedures Training Presentation
- Small Practice Disaster Recovery Manual
Whitepapers...
PRIVACY
- Amendment Policy and Procedure (Sample) (AHIMA)
- Authorization for Disclosure of Health Information (Sample) (AHIMA)
- Authorization for Use of Protected Health Information (Word document) from PhysiciansPractice.com
- Authorization to Use or Disclose Health Information (Sample) (AHIMA)
- Business Associate Agreement (PDF) revised by JCAHO
- Business Associate Agreement (Word document) from PhysiciansPractice.com
- Business Associate Agreement from the American Hospital Association (AHA)
- Business Associate Agreement (Contract) incorporating provisions from the Final Security Rule (Word format)
from North Carolina Healthcare Information and Communications Alliance (NCHICA) - Note: This version includes provisions for final Security Rule published on February 20, 2003 that are not in force until April 2005. Potential users of this document should consider having your plan for compliance with the Security Rule in place before using this version of the Agreement.
- Business Associate Agreement (Contract) (Word format)
(NCHICA) - Note: This version does not include provisions for final Security Rule published on February 20, 2003
- Business Associate Contract from the Privacy NPRM
- Confidentiality Agreement (Word document) from PhysiciansPractice.com
- Confidentiality and Use and Disclosure of Health Information for Research Purposes (PDF)
- Consent for Photography/Videotaping (Sample) (AHIMA)
- Constructing Minimum Necessary Policies and Procedures and RBAC (Example) (AHIMA)
- Criteria for Evaluating Non-Routine Disclosures (Examples) (AHIMA)
- Data Use Agreement for Limited Data Set (PDF)
- Facsimile Transmission of Health Information Sample Confidentiality Notice (Updated) (AHIMA)
- "Guide to Privacy Readiness, version 2" November 2002 (PDF) from the Maryland Health Care Commission provides an overview of the HIPAA Privacy Regulation, definitions of terms used in the regulation, plus:
- Assessment Guide and Work Plan
- Business Associate Contract (development tips & model form)
- Notice of Privacy Practices (development tips & model form)
- Computer and Information Usage Agreement (development tips & model form
- Guidance for Identifying Designated Record Sets under HIPAA (PDF) (NCHICA)
- Guidelines for Using HIPAA Authorization Text as An Addendum to Informed Consent Forms (PDF)
- Health Record Correction/Amendment Form (Sample) (AHIMA)
- HIPAA Privacy Checklist from the American Health Information Management Association (AHIMA)
- Language-Interpreter Consent Form – Winner of AHIMA's Best Practice Award Program, McAlester Regional Health Center created a language interpreter consent form to help comply with upcoming HIPAA standards and ensure patient confidentiality in all aspects of health care.
- Model Authorization Form (PDF) from the Proposed Standards for Privacy and Individually Identifiable Health Information
- Notice of Health Information Practices (Sample) (AHIMA)
- Notice of Privacy Practices (AHA)
- Notice of Privacy Practices American Medical Association (AMA)
- Notice of Privacy Practices (NPP) from the Department of Defense (DOD)
- Notice of Privacy Practices (Word format) (NCHICA)
This revised version includes an appendix with provisions for more stringent NC laws and regulations.
- Research Topics:
- Plain Language Principles (see below)
Sample content of Provider Notice of Information Practices from the Proposed Standards for Privacy and Individually Identifiable Health Information
- Privacy and Security Training Plan (Sample) (AHIMA)
- Privacy Officer Job Description (Sample) (AHIMA)
- Privacy and Security Position Assessment (Sample) (AHIMA)
- Preemption Decision Form (Sample) (AHIMA)
- Preemption Decision Summary Log (Sample) (AHIMA)
- Routine Requests and Disclosures (Examples)
- "Privacy Practices, A Framework and Structured Process for Developing Responsible" (Word format) (Second Edition—HIPAA Update, September 2001) companion document to "PKI in Healthcare." Includes an operational framework for developing privacy practices accompanied by a toolkit including the HealthKey Privacy Principles: A Working Set, endorsed by the HealthKey Privacy Advisory Group; policy checklists and model policies and practices for three common electronic transactions (email, file transfer, secure access). All are intended for use as templates in real-world implementations.
- Sample and Implementation Instructions for a Stand-alone Authorization for Use and Disclosure of Health Information for Research Purposes (PDF)
- Template for a Comprehensive Health Care Information Protection Agreement Between Business Associates, September 2001 (Word format) Sponsored by HealthKey Washington, this Agreement was developed to provide a contractual framework for the protection of private information in the course of electronic transactions among healthcare organizations. The Agreement allows for compliance in regards to business associates, chain of trust, trading partners, HCFA Internet Security Policy, GLB Act, generally accepted privacy principles, electronic signatures & electronic records, and health information transaction contracting; also includes a Crosswalk of Provisions.
- Plain Language Principles and Thesaurus for Making HIPAA Privacy
Notices More Readable from the Office for Civil Rights
"Bullfighter" plain language software
The program, which runs in Microsoft Word and PowerPoint
2000 and XP much like spell checkers, helps writers of business
documents avoid jargon and use clear language.
Guidelines, relevant articles,
& more...
SECURITY
NIST publications referenced in the Final Security Rule:
Guidelines, relevant articles,
& more...
TRANSACTIONS
North Carolina Healthcare Information and Communications Alliance
(NCHICA)
Guidelines, relevant articles, &
more...
|
