Policies and Procedures and Documentation Requirements. “Policies and Procedures and Documentation Requirements” shall mean the Standards for the Protection of Electronic Protected Health Information at 45 CFR §164.316.
Policies and Procedures and Documentation Requirements. On or before the Compliance Date, Business Associate shall have implemented reasonable and appropriate policies and procedures to comply with the standards, implementation specifications, or other requirements of the EPHI Security Standards, taking into account the factors specified at 45 C.F.R. § 164.306(b)(2)(i), (ii), (iii) and (iv). Commencing on and after the Compliance Date, Business Associate shall (i) maintain the policies and procedures implemented to comply with the EPHI Security Standards in written or electronic form, and (ii) if an action, activity or assessment is required by 45 C.F.R. Part 164, Subpart C “Security Standards for the Protection of Electronic Protected Health Information” to be documented, maintain a written or electronic record of the action, activity, or assessment in accordance with the implementation specifications set forth at 45 C.F.R. § 164.316(b)(2).
Policies and Procedures and Documentation Requirements. Effective on or before February 17, 2010, Business Associate shall comply with the policies and procedures and documentation standards and implementation specifications under 45 CFR § 164.316, in accordance with 45 CFR § 164.306.
Policies and Procedures and Documentation Requirements. Business Associate shall maintain reasonable and appropriate policies and procedures to comply with the standards, implementation specifications, or other requirements of the EPHI Security Standards, taking into account the factors specified at 45 C.F.R. § 164.306(b)(2)(i), (ii), (iii) and (iv). Business Associate shall (i) maintain the policies and procedures implemented to comply with the EPHI Security Standards in written or electronic form, and (ii) if an action, activity or assessment is required by 45 C.F.R. Part 164, Subpart C “Security Standards for the Protection of Electronic Protected Health Information” to be documented, maintain a written or electronic record of the action, activity, or assessment in accordance with the implementation specifications set forth at 45 C.F.R. § 164.316(b)(2).
