UAMS.EDU

HIPAA Policies

Privacy and Security Policies

  • HIPAA policies can also be viewed on the internal Compliance 360 web site without a need to login. Select the catalog tab to view policies in a list format
  • HIPAA Definitions
  • 2.1.11 Accounting for Disclosures
  • 2.1.39 Audit Controls for Confidential Information
  • 2.1.29 Authorized Remote Use of Confidential Information
  • 2.1.18 Business Associate Policy
  • 2.1.34 Computer Device Custodial Practices to Protect Confidential Information
  • 2.1.27 Confidential Shred Bin Usage
  • 2.1.01 Confidentiality
  • 2.1.16 De-Identification of PHI and Limited Data Set Information
  • 2.1.41 Disaster Recovery
  • 13.1.03 Disclosures to the Media
  • 2.1.31 Email Access and Usage
  • 2.1.40 Enterprise Data Integrity and Encryption
  • 2.1.38 Facility Physical Access Controls
  • 2.1.04 Faxing of Protected Health Information or Other Confidential Information
  • 2.1.33 Generic Accounts
  • 2.1.15 HIPAA Education and Training
  • 2.1.12 HIPAA Research Policy
  • 2.1.42 HIPAA Sanctions Policy
  • 2.1.25 Identity Theft Protection
  • 2.1.30 Information Access for Transfers and Terminations
  • 2.1.35 Information Access Management
  • 2.1.37 Information Security Password Management Policy
  • 2.1.36 IT Risk Analysis and Risk Management of Electronic Systems
  • 2.1.32 IT Security Incident Identification and Handling Policy
  • 2.1.24 Job Shadowing
  • 2.1.10 Minimum Necessary
  • 2.1.07 Mitigation of Uses/Disclosures in Violation of HIPAA
  • 2.1.02 Mobile Device Management
  • 2.1.06 Notice of Privacy Practices
  • 2.1.19 Patient Information Restriction Requests
  • 2.1.26 Patient Photography
  • 2.1.17 Patient Request to Amend PHI
  • 2.1.43 Phishing and Fraud
  • 2.1.20 Policy on Use of PHI for Fundraising
  • 2.1.28 Protected Health Information Breach Notification and Reporting
  • 2.1.09 Psychotherapy Notes
  • 2.1.05 Release of Patient Directory Information
  • 2.1.08 Reporting HIPAA Violations
  • 2.1.03 Request for Alternative Method of Communications of Protected Health Information
  • 2.1.14 Request for Data Extracts
  • 2.1.23 Safeguarding PHI
  • 2.1.32 Security Incident Identification and handling
  • 2.1.13 Use and Disclosure of PHI
  • 2.1.21 Use of PHI for Marketing
  • 2.1.22 Verification of Identity