Chapter 21

Checklists

This chapter provides a list of policies and procedures that a covered entity and a business associate should have implemented within their organizations. Along with the policies and procedures, most assessors or auditors will want to review the documents included in the document request list provided.

21.1  Policies and Procedures

Covered entities and business associates should have policies and procedures that address the following:

  1. Establishing and terminating users’ access to systems housing electronic protected health information (EPHI).
  2. Emergency access to electronic information systems.
  3. Inactive computer sessions (periods of inactivity).
  4. Recording and examining activity in information systems that ...
