Please describe your business or profession to assist in determining your compliance obligations.
Federal health information privacy regulations (45 C.F.R. § 164.530) and certain state laws require implementation of appropriate administrative, technical and physical safeguards to protect the privacy of personally identifiable health information (also referred to as "protected health information" - PHI). Other federal and state laws also require protection of sensitive personal and financial information.
Organizational and Management Practices
The following questions relate to information management; however, licensed professionals such as health care practitioners should seek competent advice (attorneys, accountants) to ensure the proper licensing, registration, and organization of their business.
These questions are limited to information management; but, you should review employment contracts and policies. Make sure you understand the differences between independent contractors and employees.
Physical Security Practices
For example, do you have recorded video surveillance or electronic access that logs user access to the facility?
Information Security Practices
Information Integrity Practices
Incident Response Practices
This field is for validation purposes and should be left unchanged.