The HIPAA Omnibus Rule Toolkit: A Covered Entity and Business Associate Guide to Privacy and Security
Kate Borten, CISSP, CISM
The HIPAA Omnibus Rule is a compilation of new regulations pertaining to HIPAA privacy and security long awaited by the healthcare industry and supporting businesses. This toolkit updates The HIPAA and HITECH Toolkit to help covered entities and business associates understand and comply with the new requirements.
Don't become a violation statistic
This toolkit explains HIPAA terminology and provides information about the Security Rule, the Breach Notification Rule, and Administrative Simplification Penalties. It includes information about selecting and tracking business associates and a sample agreement. It also includes a PowerPoint® training presentation and sample policies pertaining to confidential data protection, security of portable devices, encryption of confidential information, off-site computers and media security, and disposal of confidential materials.
The HIPAA Omnibus Rule Toolkit CD-ROM includes information and sample documents to supplement policies and tools that you may already have, including:
- Business associate agreement
- Business associate tracking form
- Questions to ask when selecting business associates
- Final Breach Notification Rule information
- Encryption of confidential information policy
- Working off-site policy and user agreement
- Disposal policy statement
- PowerPoint® privacy and security training presentation
Download, customize, and put these tools to work for you right away.
The accompanying handbook explains:
- The HIPAA Omnibus Rule
- Privacy Rule changes pertaining to protected health information, specifically access, sale, fundraising, marketing, and requested restrictions
- Breach Notification changes
- Final Enforcement Rule
Who needs The HIPAA Omnibus Rule Toolkit?
- All business associates, including but not limited to coding and transcription services, third-party billers, collection agencies, certain software vendors, certain attorneys and auditors, and disposal services
- All personal health record vendors and their service providers
- All covered entities, including hospitals, healthcare systems, clinics, physician offices, and medical practices
- Privacy and information security officers, compliance officers, and risk management officers, administrators, and executives
Published: September 2013