Please find below
the list of projects that can be executed and implemented with the help
of HIPAA Security Contingency Plan template suite
- Disaster Recovery Plan (DRP)
-
Business Continuity
Plan (BCP)
-
Business Impact
Analysis (BIA)
-
Business Resumption
Plan examples for depts. like Accounting, Human resources etc
-
Risk Assessment
-
Contingency Program
Policy & Standards
-
Selecting and
Implementing Recovery Strategies
-
Emergency Mode
Operation Plan
-
Data Backup and
Storage Plan
-
DRP & BCP Testing
and Revision Plan
-
Policies and
Procedures
-
Department Disaster
Recovery Activation
-
Recovery Strategies
-
Testing of the
Disaster Recovery Plan
-
Training of the
Disaster Recovery Team
-
Evaluation of the
Disaster Recovery Plan Tests
-
Maintenance of the
Disaster Recovery Plan
Documents in HIPAA Contingency Plan Template Suite:
Sub Section: Conducting a Business Impact Analysis (BIA)
- Applications and Data Criticality Analysis
Template (24 pages)
- Conducting a Business Impact Analysis (Guide)
(23 pages)
- Long Version Business Impact Analysis Template
(21 pages)
- Short Version Business Impact Analysis Template
(6 pages)
- Final Business Unit Report Template includes
following sub documents (8 pages)
- Department Financial Impact Chart Template (1
page)
- Department Operational Impact Chart Template (1
page)
- Department Legal/Regulatory Chart Template (1
page)
- Final Executive Management Report Template
includes following sub documents (23 pages)
- Combined Financial Impact Chart Template (2
pages)
- Combined Operational Impact Chart Template ( 3
pages)
- Combined Legal/Regulatory Chart Template (1
page)
- Combined People Over Time Chart Template (3
pages)
Sub Section: Conducting a HIPAA Risk Assessment
- Conducting a Risk Assessment (Guide) (15 pages)
- Risk Assessment Template (17 pages)
- Risk Assessment Worksheet (14 pages)
- Executive Risk Assessment Findings Report (15
pages)
- Preventative Measures Examples (6 pages)
- Final Facility Risk Assessment Report (10 pages)
- Executive Report Charts Template (5 Charts) (5
pages)
Sub Section: Selecting And Implementing Recovery Strategies
- Implementing Recovery Strategies includes
following sub documents (15 pages)
- Contingency Planning Process (8 pages)
Sub Section: Sample Documents
- Example of Completed Long Version Business
Impact Analysis (24 pages)
- Example of Completed Short Version Business
Impact Analysis (4 pages)
- Example of Completed Application and Data
Criticality Analysis (39 pages)
- Example of Completed Executive Management Report
(40 pages)
- Example of Completed Final Risk Assessment
Report (16 pages)
- Example of Completed Business Unit Final Report
(8 pages)
- Example of Charts to support Business Unit Final
Report (3 Charts) (3 pages)
- Example of Completed Risk Assessment (17 pages)
- Example Completed Risk Assessment Worksheet (14
pages)
Sub Section: Contingency Program Policy And Standards
- BIA Policy includes following sub document (12
pages)
- BIA Standard (14 pages)
- Business Resumption Planning Standards (20
pages)
- Disaster Recovery Planning Standard (69 pages)
- Contingency Planning Policy includes following
sub documents (10 pages)
- Risk Assessment Policy includes following sub
document (11 pages)
- Risk Assessment Standard (11 pages)
- Emergency Mode Operation Plan Standards (14
pages)
- Testing and Revision Standards (14 pages)
- Testing & Revision Policy will includes
following sub documents (17 pages)
- Data Backup Plan Policy Template will include
following sub documents (15 pages)
- Data Backup Standard (8 pages)
- Training & Awareness Standard (7 pages)
- Instructions on how to update all standards (3
pages)
Sub Section: Appendix Documents (Help Guides / Templates)
- Types of Contingency Plans (9 pages)
Sub Section: Data Backup and Storage Plan
- Data Backup Plan (DBP) Template (18 pages)
- Data Backup Plan (DBP) development Guide (11
pages)
Sub Section: Disaster Recovery Plan
- Application Recovery Template (23 pages)
- Application Recovery Plan Development Guide (18
pages)
- Network Recovery Template (20 pages)
- Network Recovery Plan Development Guide (15
pages)
- Database Recovery Template (19 pages)
- Database Recovery Plan Development Guide (16
pages)
- Server Recovery Template (19 pages)
- Server Recovery Plan Development Guide (15
pages)
- Telecommunications Recovery Template (19 pages)
- Telecom Recovery Plan Development Guide (17
pages)
- Disaster Recovery Plan Overview (38 pages)
- Disaster Recovery Plan Development Guide (17
pages)
Sub Section: Emergency Mode Operation Plan
- Emergency Mode Operation Planning Standards (38
pages)
- Emergency Mode Operations Plan Development Guide
(11 pages) Sub Section: Testing And Revision Plan
- Business Unit Test Plan Development Guide (10
pages)
- Business Unit Test Plan (16 pages)
- Dept. Business Resumption Plan Template (16
pages)
- Emergency Operation Plan (18 pages)
- Testing and Revision Program including following
sub documents (18 pages)
- Technology Test Plan Development Guide (10
pages)
- Technology Test Plan (18 pages)
- Disaster Recovery Audit Checklist (6 pages)
- Database Plan Audit Checklist (6 pages)
- Test Schedule (2 pages)
- Business Unit Plan Audit Checklist (6 pages)
- Application Plan Audit Checklist (7 pages)
- Server Plan Audit Checklist (6 pages)
- Network Plan Audit Checklist (6 pages)
- Telecom Plan Audit Checklist (6 pages)
- Audit Notification Memo (1 page)
- Plan Audit Final Report Template (1 page)
- Test Notification Memo (1 page)
- Type of Tests (1 pages) Sub Section: Sample
Documents
- Example of Completed Data Backup Plan (18 pages)
- Example of Completed Application Recovery Plan
(23 pages)
- Example of Completed Disaster Recovery Plan (38
pages)
- Example of Completed Emergency Mode Op Plan
including following sub documents:
- BIOMED EMOP (37 pages)
- Accounting EMOP (42 pages)
- Emergency Services EMOP (37 pages)
- Corporate Communications EMOP (38 pages)
- Facilities & Security EMOP (38 pages)
- Human Resources EMOP (38 pages)
- Laboratory EMOP (38 pages)
- Materials Management EMOP (38 pages)
- Pharmacy EMOP (37 pages)
- Surgery EMOP (36 pages)
- Example Business Unit Test Plan (14 pages)
- Example Technology Unit Test Plan (16 pages)
- Example Audit Notification Memo (1 page)
- Example Test Schedule (2 pages)
- Example Final Audit Report (2 pages)
- Example Business Plan Audit Checklist (6 pages)
- Example Audit Follow Up Memo (1 page)
- Example Test Notification Memo (2 pages)
2) HIPAA SECURITY POLICY TEMPLATE SUITE
We provide our extensively, sturdily and
effectively developed 67 HIPAA Security Template Suite that include 56
security policies & procedures required by HIPAA Security regulation and
additional 11 policies, checklist and forms as supplemental documents to
the required policies. These highly effective HIPAA security policies
meet the challenges of creating enterprise-wide security policies. The
suite addresses all major components of the HIPAA Security Rule and each
policy can be adopted or customized based on your organization's needs.
I. Policies on the Standards for Administrative Safeguards
- Risk Analysis
- Risk Management
- Security Management Process
- Sanction Policy
- Information System Activity Review
- Assigned Security Responsibility
- Workforce Security
- Authorization and/or Supervision
- Workforce Clearance Procedure
- Termination Procedures
- Information Access Management
- Access Authorization
- Access Establishment and Modification
- Security Awareness & Training
- Security Reminders
- Protection from Malicious Software
- Log-in Monitoring
- Password Management
- Security Incident Procedures
- Response and Reporting
- Contingency Plan
- Data Backup Plan
- Disaster Recovery Plan
- Emergency Mode Operation Plan
- Testing and Revision Procedure
- Applications and Data Criticality Analysis
- Evaluation
- Business Associate Contracts and Other
Arrangements
II. Policies on the Standards for Physical Safeguards
- Facility Security Plan
- Facility Access Controls
- Access Control and Validation Procedures
- Contingency Operations
- Maintenance Records
- Workstation Security
- Workstation Use
- Device and Media Controls
- Disposal
- Media Re-use
- Accountability
- Data Backup and Storage
III. Policies on the Standards for Technical Safeguards
- Unique User Identification
- Access Control
- Emergency Access Procedure
- Automatic Logoff
- Encryption and Decryption
- Integrity
- Mechanism to Authenticate Electronic Protected
Health Information
- Person or Entity Authentication
- Transmission Security
- Audit Controls
- Integrity Controls
- Encryption
IV. Organizational Requirements
- Policies and Procedures
- Documentation
- Isolating Healthcare Clearinghouse Function
- Group Health Plan Requirements
V. Supplemental Policies for Required HIPAA Policies
- Email Security Policy
- Automatically Forwarded Email Policy
- Wireless Security Policy
- Analog Line Policy
- Dial-in Access Policy
- Remote Access Policy
- Ethics Policy
- VPN Security Policy
- Extranet Policy
- Internet DMZ Equipment Policy
- Network Security Policy
3) HIPAA PRIVACY POLICY TEMPLATE SUITE
It is vital for a covered entity to build up and
implement policies and procedures appropriate to the entity's business
practices and workforce that reasonably minimize the amount of protected
health information used, disclosed, and requested;" - HIPAA Privacy Rule
45 CFR Part 160
Listed below are the 51 policies, forms and
procedures included in the HIPAA Privacy Policy & procedures template
suite. The policies can be used by any covered entity. All policies are
available in Microsoft Word format and can be easily customized as per
your requirements. Each HIPAA template is presented in a standard format
reflecting critical organizational functions to consider in HIPAA
remediation.
These HIPAA policies cover all the major areas like:
- General policies regarding use and disclosure of
PHI
- Minimum necessary rule for use and disclosure of
PHI
- Patient rights regarding their own PHI
- Uses and disclosures not requiring patient
authorization
- Special cases for restriction of uses and
disclosures of PHI
- Organizational issues and safeguards
The templates suite includes following HIPAA Privacy policies and
procedures.
- Accept Access Request
- Accounting for Disclosures
- Acknowledgement of Receipt
- Amendment to Record Form
- Authorization for Release of Information
- Authorization Form Release by Organization
- Authorization Form Release to Organization
- Avert Serious Threat to Safety
- Business Associate Contract
- Business Associate Contract Health Plan
- Complaint Process
- De-identified Information and Limited Data Sets
- Denial Access Request
- Denial Request to Amend Form
- Designated Record Set Example Provider
- Designated Record Set Health Plan
- Disclosure of Medical Information
- Disclosures Record Form
- Document Retention
- Employee Confidentiality Agreement
- General Release of PHI for TPO and Other
Purposes
- Health Plan Notice of Privacy Practices
- HIPAA Accept Amend Request Form
- Minimum Necessary
- Multi-Organization Arrangements
- Notice of Privacy Practices
- Privacy Officer
- Release by Whistleblowers
- Release for Abuse Neglect or Domestic Violence
- Release for Confidential Communications
- Release for Fundraising Purposes
- Release for Judicial or Administrative
Proceedings
- Release for Law Enforcement
- Release for Marketing Purposes
- Release for Research Purposes
- Release for Specific Government Functions
- Release for Workers Compensation
- Release of Information for Deceased Patients or
Plan Members
- Release of Information for Legal Purposes
- Release of Information to a Minor
- Release of Information to a Minor's Parents
- Release of Information to Friends and Family
Members
- Release of Psychotherapy Notes
- Release to Patient or Plan Member
- Request Confidential Communications Template
- Request for Amendment
- Request Restrictions
- Requests for Restriction
- Right to Object to Release for Certain Purposes
- Training Requirements
- Workforce Sanctions
4) HIPAA SECURITY RISK ANALAYSIS
TEMPLATE SUITE
Risk Analysis is often observed as the first step
towards HIPAA compliance. Risk analysis is a required implementation
specification under the Security Management Process standard of the
Administrative Safeguards portion of the HIPAA Security Rule as per
Section 164.308(a)(1). Covered entities will benefit from an effective
Risk Analysis and Risk Management program beyond just being HIPAA
compliant. Compliance with HIPAA is not optional... it is mandatory, to
avoid penalties.
Objective of HIPAA Security Risk Analysis/Assessment:
The overall objective of a HIPAA risk analysis is
to document the Potential risks and vulnerabilities to the
confidentiality, integrity, or availability of electronic protected
health information (ePHI) and determine the appropriate safeguards to
bring the level of risk to an acceptable and manageable level. It helps
in ensuring that controls and expenditure are fully commensurate with
the risks to which the organization is exposed
List of documents in HIPAA Security Risk
Analysis Template
- Risk Analysis Template
- Risk Analysis Checklist
- Risk Analysis Sample Final
- Asset Inventory Worksheet
- Risk Assessment Executive Presentation
- Threat Matrix Worksheet
5) HIPAA AUDIT TEMPLATE SUITE
The HIPAA Security Rule entail organizations, at a
minimum, to perform regular internal audits to evaluate processes and
procedures intended to secure confidential or "protected health
information" (PHI) (45 CFR 164.308(a)(8)). It is often worthwhile to
look for an external review or audit but the necessities of the security
rule do not specifically require this. In most cases, this will be
determined by the size of the organization, line of business, and,
sometimes, contract requirements (i.e., Medicare, Medicaid, etc.). The
purpose behind the audit is to ascertain if an organization has properly
documented administrative, physical and technical security practices,
policies, and procedures and generally meets the requirements of the
rule.
Objective of HIPAA Audit and Evaluation for
Compliance
The objective of HIPAA Audit includes the following
activities:
- Assess if all vulnerabilities have been
addressed.
- Verify that all compliance requirements have
been met.
- The objective of the Audit Control standard is
to implement hardware, software, and/or procedural mechanisms that
record and examine activity in information systems that contain or use
electronic protected health information.
List of documents for HIPAA Audit Template:
- HIPAA Comprehensive Audit Checklist
- HIPAA Privacy & Security Audit Report - Sample
- HIPAA Security Abbreviated Audit Checklist final
- HIPAA Security Audit Executive Presentation
- Information Security Audit Template
Total cost: $2500
Buy Now
All the HIPAA Templates Suite come in Microsoft Word/excel files so
you can add, change and delete content as required to complete your
privacy policies. If you have any questions, or if you wish to see
additional samples, please feel free to contact us at
Sales@Supremusgroup.com or call on (515) 865-4591. You can also buy
individual HIPAA template suites, which are available in our
online HIPAA store for purchase.
HIPAA Contingency Plan Overview and ROI
HIPAA Security Policy Overview & ROI
HIPAA Privacy Policy Overview & ROI
View HIPAA Security Policies and Procedures
Testimonials
