Click Here to Return to the Intro Page

A. How It All Got Started
B. Relationship to the other HIPAA Standards
C. Compliance Deadline: Between Now & Then
D. Relationship with State Law
E. The Enforcers
F. The Penalties

A. Healthcare providers
B. Health plans
C. Healthcare Clearinghouses

A. General Rule
B. Consent
C. Authorization
D. Opt in/Opt out
E. Exceptions
F. The Minimum Necessary
G. Marketing & Fundraising
H. Research

A. Right to Privacy Notice
B. Right to Request Restrictions on Use or Disclosure
C. Right to an Accounting of Disclosures
D. Right to Inspect & Copy
E. Right to Request Amendment or Correction of PHI

A. Privacy Official
B. Contact Person
C. Training and Education
D. Administrative, Technical & Physical Safeguards
E. Complaints
F. Appropriate Sanctions
G. Mitigation of Harmful Effects of Violations
H. No Retaliatory Action
I. Reasonable Written Policies & Procedures

A. Appoint a Privacy Officer
B. Conduct an Assessment

1. Find your PHI
2. Track the Flow of your PHI
3. Identify your Business Associates

C. Develop Forms, Policies and Procedures

1. Privacy Notice
2. Consent
3. Authorization
4. Request for Restriction on Use or Disclosure
5. Request to Inspect & Copy PHI
6. Request to Amend or Correct PHI
7. Request to Receive an Accounting
8. Accounting
9. Complaint Forms
10. Employee Handbook
11. Employee Confidentiality
12. Employee Separation
13. Disciplinary Policies
14. Work Area Standards
15. Record Destruction Policy
16. Business Associate Agreements

D. Educate & Train
E. Monitor Compliance
F. Correct & Improve