Health Information Privacy Compliance Resources

6 Critical Factors for Effective Information Security & Privacy Policies

Avoiding Common Mistakes in Information Security and Privacy Training and Awareness Programs

CEs and BAs: Be HIPAA/HITECH Compliant Or Pay A Hefty Penalty

HIPAA And Surveillance In Hospitals

HIPAA HITECH Compliance Work Plan by Rebecca Herold, The Privacy Professor

Information Security & Privacy Compliance Program Work Plan

Based upon the work plan created for Compliance Helper, which includes all the documentation referenced within this plan.

See more at

http://www.compliancehelper.com. © Rebecca Herold & Associates, LLC. All rights reserved. Page 1

The following is a high-level work plan to create an information security and privacy program to meet

compliance with HIPAA, HITECH and other regulatory and contractual requirements. The areas listed

will vary depending upon the organization’s business model, size, number of geographic locations, other

applicable legal requirements, and any other unique factors. Each organization should use this as a

starting point and change appropriately for its own unique business situation.

HIPAA/HITECH Etc. Retention: Does Your Reality = Your Requirements?

How Information Security, Privacy Training, and Awareness Benefit Business

Information Security and Privacy Training and Awareness for Business Partners: Their Lack of Knowledge Will Be Your Pain

It’s Not the Size That Counts - HIPAA Regulatory Requirements

Keeping Up With The Breach Notice Laws: 4 Common Misconceptions

Privacy Perplexities

U.S. State & Territories Breach Notification Laws as of July 20, 2009

Who Are Your Business Associates?

You Will Be Judged By The Company You Keep - audits of business associates

CEs and BAs: Be HIPAA/HITECH Compliant Or Pay A Hefty Penalty (PDF)