You must have Adobe Acrobat Reader to view the links below. To download a free version of Acrobat please click above. NOTE: When the document opens, please click on the "Bookmarks" tab on the left-hand side for easy navigation within the document.
Table of Contents
Introduction
Privacy Standards
Administrative Requirements
- Privacy Official
- Designated Record Set
- Complaints
- Sanctions
- Reporting Violations
- Safeguards
- Printing, Copying, and Faxing Client Information
- Disposal of Client Information
- Training
- Documentation
- Office Management
- Marketing
- Employee Termination
Individual Client Rights
- Access to information
- Amendment of information
- Restrictions on disclosures
- Accounting of disclosures
- Alternative communications
Use and Disclosure
- Authorizations
- Disclosures with "opt out"
- Disclosures with no "opt out"
- Other requirements
Minimum Necessary
Notice of Privacy Practices
Business Associates
Breaches
Security Rule
Information Security Definitions
Administrative Safeguards
- Risk Analysis
- Risk Management
- Sanction Policy
- Information System Activity Review
- Assigned Security Responsibility
- Workforce Security
- Information Access Management
- Security Awareness and Training
- Security Incident Procedures
- Contingency Plan
- Evaluation
- Business Associate Contracts and Other Arrangements
Physical Safeguards
- Facility Access Controls
- Workstation Use
- Workstation Security
- Device and Media Controls
Technical Safeguards
- Access Control
- Audit Controls
- Integrity
- Person or Entity Authentication
- Transmission Security
Electronic Transaction and Code Sets
National Provider and Employer Identifiers
Appendices
- Notice of Privacy Practices
- ASU Computer Usage Policy
- ASU Emergency Operations Plan
- ASU Risk Assessment Policy
- Business Associates Agreement Cover Letter
- Business Associates Agreement
- CDC Acceptable Use Policy for Computers
- CDC Acquisition Assessment Policy
- Computer Systems Security Policy
- Client Consent
- Complaint Form
- Confidentiality Form
- Electronic Data Disposal Policy
- Email Policy
- Fax Transmittal Form
- Guidelines on Anti-Virus Process
- Handy HIPAA Hints for Students
- Red Flags Rule
- Request for Accounting of Disclosures
- Request for Restricted Use or Alternative Communication Form
- Request to Access Information Forms
- Request to Amend Health Information Form
- Risk Analysis
- Risk Table
- Using Client Information in the Classroom