| HIPAAdvisory > HIPAAwares > Security Policies Templates Suite |  |
Phoenix Health Systems'
|
| Policy Administration: | Offers space for reviews, approvals, numbering, and revision tracking. |
| HIPAA Security Rule Language: | Provides specific wording of the regulation used as basis of the policy. |
| Policy Summary: | Summarizes the scope and intent of the policy. |
| Purpose: | Describes what the organization is trying to accomplish through execution of the policy. |
| Policy: | Provides suggested wording for the policy detail. The templates are written to incorporate the relevant regulatory principles. Each organization may customize the policy to reflect its own organizational culture. |
| Scope/Applicability: | Offers space to identify those divisions/departments to which the policy would apply. |
| Regulatory Category: | Indicates into which of the HIPAA Security Categories (Administrative Safeguards, Physical Safeguards, Technical Safeguards, or Other Standards) the policy is included. |
| Regulatory Type: | Indicates whether the policy is related to a security Standard or Implementation Specification. If the policy is for an implementation specification, this section indicates the specific standard to which it applies, in addition to whether it is an addressable or required specification. |
| Regulatory Reference: | Cites the specific section(s) of the HIPAA Security Rule to which the policy template relates. |
| Definitions: | Provides associated HIPAA-related definitions to ensure that each policy will “stand on its own,” and to minimize misinterpretation. |
| Responsible Parties: | Provides space for listing the individual(s) responsible for implementing the policy. |
| Authority/Enforcement: | Offers space for listing of personnel responsible for monitoring and enforcing the policy. This section generically includes the Security Officer. Users may incorporate titles to match their organization’s terminology, organizational structure, and division of duties. |
| Related Policies: | Provides references to other policies in the HIPAA Security Policies Templates Suite that relate in content or intent. |
| Renewal/Review: | Provides opportunity for organization to outline a schedule and/or circumstances under which policy is to be reviewed and updated. |
| Procedures: | Offers space for organization to reference procedures that are put in place to support and implement the policy. Templates include the generic “TBD” (to be determined). |
| Notes: | Be advised that, for some policies, “supplemental notes” may be included to provide users with additional direction in drafting policies and procedures. These notes are set apart in Courier type to distinguish them from the policy detail itself. |
