HIPAA Manual

You must have Adobe Acrobat Reader to view the links below. To download a free version of Acrobat please click above. NOTE: When the document opens, please click on the "Bookmarks" tab on the left-hand side for easy navigation within the document.

Table of Contents

Introduction

Privacy Standards

Administrative Requirements

  • Privacy Official
  • Designated Record Set
  • Complaints
  • Sanctions
  • Reporting Violations
  • Safeguards
  • Printing, Copying, and Faxing Client Information
  • Disposal of Client Information
  • Training
  • Documentation
  • Office Management
  • Marketing
  • Employee Termination

Individual Client Rights

  • Access to information
  • Amendment of information
  • Restrictions on disclosures
  • Accounting of disclosures
  • Alternative communications

Use and Disclosure

  • Authorizations
  • Disclosures with "opt out"
  • Disclosures with no "opt out"
  • Other requirements

Minimum Necessary

Notice of Privacy Practices

Business Associates

Breaches

Security Rule

Information Security Definitions

Administrative Safeguards

  • Risk Analysis
  • Risk Management
  • Sanction Policy
  • Information System Activity Review
  • Assigned Security Responsibility
  • Workforce Security
  • Information Access Management
  • Security Awareness and Training
  • Security Incident Procedures
  • Contingency Plan
  • Evaluation
  • Business Associate Contracts and Other Arrangements

Physical Safeguards

  • Facility Access Controls
  • Workstation Use
  • Workstation Security
  • Device and Media Controls

Technical Safeguards

  • Access Control
  • Audit Controls
  • Integrity
  • Person or Entity Authentication
  • Transmission Security

Electronic Transaction and Code Sets

National Provider and Employer Identifiers

Appendices