HIPAA Privacy Rule Profile, v1.0

Profile of HIPAA Privacy Rule (per 45 CFR Section 164.500-599) requirements for policies and procedures for handling e-PHI.
Publication Date 2017-02-17
Issuing Organization
No Responder help@trustmarkinitiative.org 404-407-8956 75 5th Street NW, Suite 900, Atlanta, GA 30308
Keywords There are no keywords.
Legal Notice This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TIP_HIPAABusinessAssociateContractsContentProfile and TIP_HIPAADocumentationRetentionProfile and TIP_HIPAANoticeofPrivacyPracticesProfile and TIP_HIPAAPrivacyPoliciesandProceduresProfile and TIP_HIPAAComplianceDateforPrivacyImplementationProfile and TD_PrivacyProtectionRequest and TD_AccesstoProtectedHealthInformation and TD_AmendmentofProtectedHealthInformation and TD_AccountingofDisclosuresofProtectedHealthInformation and TD_PrivacyOfficialforEntity and TD_TrainingMembersofWorkforce and TD_AppropriateSafeguardstoProtectDataPreventDisclosure and TD_AppropriateSafeguardstoProtectDataLimitDisclosure and TD_ProcessforComplaints and TD_AppropriateSanctionsAgainstWorkforce and TD_HarmfulEffectMitigation and TD_RetaliatoryActionAgainstComplainant and TD_NoRequirementtoWaiveRights

References (18)

 TIP  HIPAA Business Associate Contracts Content Profile, v1.0
Description Profile of HIPAA requirements for the contents of Business Associate Contracts/Agreements between a covered entity and its business associates or other subcontractors per 45 CFR Section 164.504.
ID TIP_HIPAABusinessAssociateContractsContentProfile
 TIP  HIPAA Documentation Retention Profile, v1.0
Description Profile of a covered entity's HIPAA requirements to maintain the policies and procedures and privacy notice and their changes in written or electronic form.
ID TIP_HIPAADocumentationRetentionProfile
 TIP  HIPAA Notice of Privacy Practices Profile, v1.0
Description Profile of HIPAA requirements for the privacy notice to users of the organization's privacy practices (per 45 CFR Section 164.500-599) regarding PHI.
ID TIP_HIPAANoticeofPrivacyPracticesProfile
 TIP  HIPAA Privacy Policies and Procedures Profile, v1.0
Description Profile of HIPAA requirements for the documenting, implementing, and changing policies and procedures for privacy practices regarding PHI.
ID TIP_HIPAAPrivacyPoliciesandProceduresProfile
 TIP  HIPAA Compliance Date for Privacy Implementation Profile, v1.0
Description Profile of reules for determining and verifying the compliance date of a health care provider as specified by the HIPAA Privacy Rule per 45 CFR Section 164.534.
ID TIP_HIPAAComplianceDateforPrivacyImplementationProfile
 TD  Privacy Protection Request, v1.0
Description Specifies that a covered entity must have policies and procedures to permit an individual to request that the covered entity restrict uses or disclosures of protected health information about the individual, and disclosures to a family member or other designated person.
ID TD_PrivacyProtectionRequest
Provider Reference
 TD  Access to Protected Health Information, v1.0
Description Specifies that a covered entity must have policies and procedures to ensure that an individual has a right of access, in a timely manner, to inspect and obtain a copy of protected health information about the individual, subject to certain restrictions and limitations.
ID TD_AccesstoProtectedHealthInformation
Provider Reference
 TD  Amendment of Protected Health Information, v1.0
Description Specifies that a covered entity must have policies and procedures to permit an individual to request that a covered entity amend, in a timely manner, protected health information or a record about the individual, subject to certain restrictions and limitations.
ID TD_AmendmentofProtectedHealthInformation
Provider Reference
 TD  Accounting of Disclosures of Protected Health Information, v1.0
Description Specifies that a covered entity must have policies and procedures to permit an individual to receive an accounting of disclosures of protected health information made by a covered entity in the six years prior to the date on which the accounting is requested, except for certain disclosures.
ID TD_AccountingofDisclosuresofProtectedHealthInformation
Provider Reference
 TD  Privacy Official for Entity, v1.0
Description Specifies that a covered entity must have policies and procedures to designate a privacy official who is responsible for the development and implementation of the policies and procedures of the entity.
ID TD_PrivacyOfficialforEntity
Provider Reference
 TD  Training Members of Workforce, v1.0
Description Specifies that a covered entity must have policies and procedures to train all members of its workforce on the policies and procedures with respect to protected health information required by the Privacy Rule.
ID TD_TrainingMembersofWorkforce
Provider Reference
 TD  Appropriate Safeguards to Protect Data - Prevent Disclosure, v1.0
Description Specifies that a covered entity must have in place appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information by preventing disclosure that is in violation of regulations.
ID TD_AppropriateSafeguardstoProtectDataPreventDisclosure
Provider Reference
 TD  Appropriate Safeguards to Protect Data - Limit Disclosure, v1.0
Description Specifies that a covered entity must have in place appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information by limiting disclosure to required or permitted uses.
ID TD_AppropriateSafeguardstoProtectDataLimitDisclosure
Provider Reference
 TD  Process for Complaints, v1.0
Description Specifies that a covered entity must provide a process for individuals to make complaints concerning the covered entity's policies and procedures.
ID TD_ProcessforComplaints
Provider Reference
 TD  Appropriate Sanctions Against Workforce, v1.0
Description Specifies that a covered entity must have and apply appropriate sanctions against members of its workforce who fail to comply with the privacy policies and procedures.
ID TD_AppropriateSanctionsAgainstWorkforce
Provider Reference
 TD  Harmful Effect Mitigation, v1.0
Description Specifies that a covered entity must have policies and procedures to mitigate, to the extent practicable, any harmful effect that is known to the covered entity of a use or disclosure of protected health information.
ID TD_HarmfulEffectMitigation
Provider Reference
 TD  Retaliatory Action Against Complainant, v1.0
Description Specifies that a covered entity must have policies and procedures to not intimidate, threaten, coerce, discriminate against, or take other retaliatory action against any individual.
ID TD_RetaliatoryActionAgainstComplainant
Provider Reference
 TD  No Requirement to Waive Rights, v1.0
Description Specifies that a covered entity must not require individuals to waive certain rights as a condition for services.
ID TD_NoRequirementtoWaiveRights
Provider Reference
Also available as XML or JSON