Is your organization prepared for Health Insurance Portability and Accountability Act (HIPAA) compliance? Do you have a HIPAA compliance plan for anesthesia with policies and procedures?

Your organization must be prepared for Health Insurance Portability and Accountability Act (HIPAA) compliance.

In order to be fully compliant your organization must have HIPAA Privacy & Security policies. Anesthesia Compliance Consultants will provide templates with policies and procedures that offers complete coverage of the privacy, security and HITECH requirements. These will meet federal regulations and state law.

Privacy Policies & Security Policy Templates – contact us for a quote

Anesthesia HIPAA Privacy Policies

Our Anesthesia HIPAA Privacy Policy Templates are ready for purchase by your organization. These are easily modifiable for immediate use. They cover all the policies & procedures to be compliant with the Privacy Rule & HITECH Regulations.

Anesthesia HIPAA Security Policies

We offer a HIPAA Security Policy Template that will help you prepare for Security Rule Compliance. These are easily modifiable for immediate use. They cover all the policies & procedures necessary to be compliant with the Privacy Rule & HITECH Regulations.

A HIPAA Compliance Plan must accomplish the following:

  • Implement policies and procedures to ensure compliance
  • Implement administrative, technical and physical safeguards
  • Perform ongoing monitoring and assessment
  • Implement a training plan
  • Appoint a Privacy and Security Officer
  • Create a HIPAA hotline
  • Create a non-retaliation policy for whistleblowers
  • Maintain policies and procedures
HIPAA compliance

Topics Covered

  • HIPAA Privacy Regulations
  • HIPAA Administrative Safeguard Requirements
  • Physical Safeguard Requirements
  • Technical Safeguard Requirements
  • Permissible Use and Disclosures
  • Reasonable Safeguards
  • Breaches
  • OCR investigations
  • Uses and Disclosures of PHI
  • Family or Friends Involved in Care
  • Disclosures of Protected Health Information to Law Enforcement
  • Uses and Disclosures for Fundraising
  • Uses and Disclosuresfor Marketing
  • HIPAA Definitions
  • Notice of Privacy Practices
  • Business Associate Agreements
  • HIPAA Privacy Training
  • Safeguards for Protected Health Information
  • Privacy Complaints
  • Sanctions for HIPAA violations
  • No Retaliation for Exercising Privacy Rights
  • Access to PHI
  • Restrictions on Uses and Disclosures
  • Amendment to PHI
  • Accounting of Disclosures
  • Confidential Communication
  • Minimum Necessary Standard
  • Authorization for Use and Disclosure of PHI
  • Verification of Identity
  • Notification of Breach of Unsecured PHI

Privacy Policies

  • HIPAA Definitions
  • General Administrative Requirements
  • Notice of Privacy Practices
  • Business Associate Agreements
  • HIPAA Privacy Training
  • Safeguards for Protected Health Information
  • Privacy Complaints
  • Sanctions for Hipaa Violations
  • No Retaliation for Exercising Privacy Rights
  • Access to PHI
  • Restriction on Uses and Disclosures
  • Amendment to PHI
  • Accounting of Disclosures
  • Confidential Communication
  • Uses and Disclosures of PHI
  • Family Or Friends Involved In Care
  • Disclosures Of Protected Health Information To Law Enforcement
  • Uses and Disclosures for Fundraising
  • Minimum Necessary Standard
  • Authorization for Use and Disclosure of PHI
  • Verification of Identity
  • Uses And Disclosures For Marketing
  • Notification of Breach of Unsecured PHI

Forms

  • Privacy Complaint Form
  • Privacy Complaint Intake Form
  • Notice of Privacy Practices
  • Acknowledgement of Receipt of NPP form
  • Authorization for Uses and Disclosures of Protected Health Information
  • Acknowledgement Form

Security Policies

Administrative Safeguards

Security Management Process

  • Risk Analysis
  • Risk Management
  • Sanction Policy
  • Information System Activity Review

Assigned Security Responsibility

Workforce Security

  • Authorization and/or Supervision
  • Workforce Clearance Procedure
  • Termination Procedure

Information Access Management

  • Access Authorization
  • Access Establishment and Modification

Security Awareness and Training

  • Security Reminders
  • Protection from Malicious Software
  • Log-in Monitoring
  • Password Management

Security Incident Procedures

  • Response and Reporting

Contingency Plan

Data Backup Plan

  • Disaster Recovery Plan
  • Emergency Mode Operation Plan
  • Testing and Revision Procedures
  • Applications and Data Criticality Analysis

Technical & Non-technical Evaluation

Business Associate Contracts and Other Arrangements

  • Written Contract or Other Arrangements

Physical Safeguards

Facility Access Controls

  • Contingency Operations
  • Facility Security Plan
  • Access Control and Validation Records
  • Maintenance Records

Workstation Use

Workstation Security

Device and Media Controls

  • Disposal
  • Media Re-use
  • Accountability
  • Data Backup & Storage

Technical Safeguards

Access Control

  • Unique User Identification
  • Emergency Access Procedure
  • Automatic Logoff
  • Encryption and Decryption

Audit Controls

Integrity

  • Mechanism to Authenticate Electronic Protected Health Information

Person or Entity Authentication

Transmission Security

  • Integrity Controls
  • Encryption

Anesthesia Compliance Consultants is prepared to supply your company with Privacy & Security Policies to stay abreast of the HIPAA Privacy Rule.

Anesthesia Compliance Consultants

Our professionals are compliance experts with 18 years experience in anesthesia compliance and HIPAA compliance. We have created anesthesia compliance and privacy plans based on extensive knowledge of the regulations and practical experience in clinical settings.

Busy practices will appreciate our anesthesia compliance and privacy plans.

Business Associate Agreements

HIPAA requires that you have Business Associate Agreements with business partners that you contract with to provide non-treatment services if they access, use or disclose protected health information (PHI) on your behalf. Prime examples would include accounting, billing, legal, risk management and IT services. Accordingly, we will help you business associate agreements for your organization.

Privacy Complaint Response and Breach Reporting

We are available to assist with responses to HIPAA complaints and investigate any privacy or security matter on your behalf whether from a patient, another individual or the Office for Civil Rights. Anesthesia Compliance Consultants works with clients on the breach analysis to determine if they are dealing with a breach of unsecured PHI. For incidents that are reportable breaches there are steps and deadlines that one must follow for compliant reporting to the individual and to the Office for Civil Rights. Furthermore, we will assist you throughout the process from start to finish on all aspects including mitigation of damages, creating a corrective action plan, drafting notice letters and reporting to the OCR. Most importantly, we are experienced in responding to Office for Civil Rights investigative letters and working with them to resolve complaints.

HIPAA in Clinical Practice

Established in 1996, the Health Insurance Portability and Accountability Act (HIPAA) outlined the requirements for the U.S. Department of Health and Human Services (HHS) that would serve to protect and secure health information. The program was divided into two rules, the Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) and Security Standards for the Protection of Electronic Protected Health Information (Security Rule). These created standards that all organizations who handle protected health information must follow.

Anesthesia Compliance Consultants will provide your organization with the policies, procedures and documents required for HIPAA compliance. These will give you the guidance to create a fully operational HIPAA Compliance Program.