Common use of HIPAA COMPLIANCE PLAN REQUIREMENT Clause in Contracts

HIPAA COMPLIANCE PLAN REQUIREMENT. In order to ensure that the BA complies with Federal and State regulations regarding protected health information, the BA shall submit a “HIPAA Compliance Plan” to the CE describing: 4.1 The training of staff and any subcontractors regarding HIPAA and State regulations. 4.2 A process for tracking the training of staff and subcontractors. 4.3 A process for staff and subcontractors to report any breaches of protected health information. This shall include employee disciplinary procedures for employees who violate HIPAA guidelines, and whistle blower protection for staff reporting breaches. 4.4 A description of how the BA plans to secure and safeguard electronically stored health information. This shall include at a minimum, descriptions of passwords, encryption, and any other technology designed to prevent unauthorized access to protected health information. 4.5 A process for reviewing security measures and identifying areas of potential risk for a breach, a plan for mitigating identified risks, and assurance that such risk evaluation shall be conducted annually.

HIPAA COMPLIANCE PLAN REQUIREMENT. In order to ensure that the BA complies with Federal and State regulations regarding protected health information, the BA shall submit a “HIPAA Compliance Plan” to the CE describing: 4.1 4.1. The training of staff and any subcontractors regarding HIPAA and State regulations. 4.2 4.2. A process for tracking the training of staff and subcontractors. 4.3 4.3. A process for staff and subcontractors to report any breaches of protected health information. This shall include employee disciplinary procedures for employees who violate HIPAA guidelines, and whistle blower protection for staff reporting breaches. 4.4 4.4. A description of how the BA plans to secure and safeguard electronically stored health information. This shall include at a minimum, descriptions of passwords, encryption, and any other technology designed to prevent unauthorized access to protected health information. 4.5 4.5. A process for reviewing security measures and identifying areas of potential risk for a breach, a plan for mitigating identified risks, and assurance that such risk evaluation shall be conducted annually.

HIPAA COMPLIANCE PLAN REQUIREMENT. In order to ensure that the BA complies with Federal and State regulations regarding protected health information, the BA shall submit a “HIPAA Compliance Plan” to the CE describing: 4.1 The training of staff and any subcontractors regarding HIPAA and State regulations. 4.2 A process for tracking the training of staff and subcontractors. 4.3 A process for staff and subcontractors to report any breaches of protected health information. This shall include employee disciplinary procedures for employees who violate HIPAA guidelines, and whistle blower protection for staff reporting breaches. 4.4 A description of how the BA plans to secure and safeguard electronically stored health information. This shall include at a minimum, descriptions of passwords, encryption, and any other technology designed to prevent unauthorized access to protected health information.. DRAFT 4.5 A process for reviewing security measures and identifying areas of potential risk for a breach, a plan for mitigating identified risks, and assurance that such risk evaluation shall be conducted annually.