Phoenix Health Systems'
HIPAA Security Policies Templates Suite

For Healthcare Providers

HIPAA requires covered entities to implement a comprehensive security program to protect electronic protected health information (ePHI) that they use and maintain within their organizations. One component of security is developing or revising your organization’s security policies – a major task that takes time and attention to detail. Each policy must specifically reflect the Security regulations’ complex requirements, yet be worded simply enough to be understood and applied across the entire organization.

The concept of security may conjure up images of the guard standing at the facility’s entrance or the network technician who installs programs to protect our computer systems. But the reality is that HIPAA Security involves every member of the workforce. Each security policy must set the foundation for the individual departmental procedures needed to support and implement the policy.

Our Security Policies

Phoenix Health Systems has developed a "near-camera-ready" suite of 54 security policies to help hospitals and other providers meet the challenges of creating enterprise-wide security policies. The suite addresses all major components of the HIPAA Security Rule and each policy can be adopted or customized based on your organization’s needs.

Our suite is unique – the only comprehensive set of security policies developed specifically to meet the needs of healthcare provider organizations. Developed by certified security specialists with strong healthcare experience, the policies are mapped to HIPAA requirements, based on security industry best practices and standards, and fine-tuned to the realities of healthcare provider environments. The templates are intended to serve as the cornerstone of your security program. They will simplify and support your efforts in tailoring security policies and procedures that:

satisfy the HIPAA mandates for security,
reflect your organization’s specific needs and operational environment, and
define an organizational culture and policy framework to guide your HIPAA Security implementation.

In designing the Phoenix Health Systems' HIPAA Security Policies Templates Suite, attention was given to the best practices defined by security industry leaders (such as: National Institute of Standards and Technology [NIST]; SysAdmin, Audit, Network, Security [SANS] Institute; ISO 17799; and CERT Coordination Center [CERT/CC]). These best practices served as a foundation for the policy suite. The key objectives in formulating the policies were to ensure that they are congruent with the HIPAA Security regulations, integrate industry-established best practices for security, and are tailored to the healthcare provider environment.

Phoenix' HIPAA Security Policies Templates Suite is mapped to the final federal HIPAA Security Rule of February 20, 2003. The policies are written from the perspective of the hospital environment, but are also useful for skilled nursing facilities

More Than 500 Healthcare Organizations Have Purchased Phoenix' Security Policies Templates Suite

Here's What Our Users are Saying

"You truly have produced a great product. The Security Templates created by Phoenix Health Systems are proving to be a tremendous asset in Indiana University Health Center's drive towards complete HIPAA security compliance. The depth and thoroughness of each of the 54 templates far exceeds what could have been created in-house….and have easily cut in half the workload involved…. The templates by themselves provide an excellent guide and focal point that together, precisely highlight the requirements for complying with the HIPAA security rules. The time savings alone is worth the cost of the template package many times over." -- Indiana University Health Center

"Phoenix Security Policies Templates provides a comprehensive model for security policies development. The Phoenix Security Templates drastically reduces the time commitment needed to identify relevant regulatory standards, document the issues and then finally write each policy. The research and writing is completed for you. One can use the policies as the basic framework and adapt them to the specific requirements of the organization. The policies are well written and clearly address the requirements of the specific security standards." -- Stratum Med (a physician owned and governed management company of numerous shareholder medical groups throughout the midwest).

"The Phoenix HIPAA Security Policies were the jump start that we needed to get our HIPAA Security Project on track. They were in depth as it pertained to the HIPAA Regulations while allowing us to tailor them to our own needs." -- Children's Healthcare of Atlanta

and other provider organizations. The policies support the Security Rule's provisions for "scalability," meaning that they can be adjusted to the size and scope of the covered entity.

The entire series may be purchased as a suite, or policies may be bought individually – whichever approach works best for your organization. However, given the inter-relationship of many of the policies, they will be of greatest value to users if the suite as a whole is obtained.

The Phoenix HIPAA Security Policies Templates Suite is available for purchase only by healthcare providers.

Providers may obtain a perpetual license for indefinite use and customization of the suite within their organization. Policies are delivered online, immediately upon order and payment.