WEBINAR: How To Write and Adopt HIPAA Policies & Procedures
Course Curriculum
This session will explore the requirements for various policies under HIPAA and present a way of organizing policies to facilitate their use and maintenance. Typical policy content will be described, and processes for policy adoption and regular review will be explained. Sources for sample policy content and guidance will be identified. Additionally, an outline for HIPAA policy organization will be laid out, including a framework of categories of policy types and the typical policy elements that would occur in each category. The policies will be organized into six categories, including 1) the Information Privacy and Security Management Process policy, 2) the Information System User policy, 3) the Access Control policy, 4) the Information Security Incident Management policy, 5) policy on uses and disclosures of protected health information (PHI) and 6) policy on individual rights and HIPAA.
Speaker
Jim Sheldon-Dean
Lewis Creek Systems, LLC
Jim Sheldon-Dean a frequent speaker regarding HIPAA, including speaking engagements at numerous national health care association conferences and conventions, and the annual NIST/OCR HIPAA Security Conference. Jim has more than 16 years of experience specializing in HIPAA compliance, more than 34 years of experience in policy analysis and implementation, business process analysis, information systems and software development, and eight years of experience as a Vermont certified volunteer emergency medical technician.
Learning Objectives
At the conclusion of this session, participants will be able to:
- Discuss the topics that should be represented in a set of HIPAA Policies.
- Organize policies into logical groupings to simplify finding and using them.
- Differentiate between policies and procedures, what belongs in each, and how often they should be reviewed and updated.
- Describe the essential elements of policies, and how to adopt them.