Privacy Policies and Procedures - Changes to Other Policies or Procedures - i, v1.0
Specifies requirements and restrictions for health care related organizations on how to change the privacy practices in the privacy notice if revisions are necessary.
Note: See related trustmark for criteria ii.
Assessment Step
1
Changes to Other Policies and Procedures (ChangestoOtherPoliciesandProcedures)
Does the covered entity have policies and procedures to change, at any time, a policy or procedure that does not materially affect the content of the privacy notice required by Section 164.520? Such policies and procedures to change policies and procedures must meet the following requirements:
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
|
Conformance Criteria (1)
Policy or Procedure Changes
A covered entity may change, at any time, a policy or procedure that does not materially affect the content of the privacy notice required by Section 164.520, provided that:
Citation
HIPAA-Privacy-Rule
45 CFR Section 164.530(i)(5)(i)
|