HIPAA Compliance

Monitor and manage HIPAA compliance requirements and documentation.

63%

Compliant

Overall Compliance Score

5 of 8 requirements met

Last audit: January 15, 2024

5

Compliant

2

Needs Review

1

Pending

Staff Training

Manage training records

Audit Logs

View system activity

Access Control

Manage permissions

Incidents

Report & track issues

Privacy Policy

Compliant

Notice of Privacy Practices for Protected Health Information

Privacy RuleCompliance OfficerReviewed: 1/14/2024Next: 7/14/2024

Attached Documents:

privacy-policy-v3.pdfnpp-signed.pdf

Security Risk Assessment

Needs Review

Annual assessment of technical, physical, and administrative safeguards

Security RuleIT SecurityReviewed: 6/19/2023Next: 1/19/2024

Attached Documents:

risk-assessment-2023.pdf

Business Associate Agreements

Compliant

BAAs with all third-party vendors handling PHI

Privacy RuleLegalReviewed: 1/9/2024Next: 1/9/2025

Attached Documents:

baa-supabase.pdfbaa-clerk.pdfbaa-cloudflare.pdf

Employee Training Records

Compliant

Documentation of HIPAA training completion for all staff

AdministrativeHRReviewed: 1/7/2024Next: 4/7/2024

Attached Documents:

training-completion-q1.pdf

Access Control Policies

Compliant

Role-based access controls for PHI systems

Security RuleIT SecurityReviewed: 1/4/2024Next: 7/4/2024

Attached Documents:

access-control-policy.pdfrbac-matrix.xlsx

Incident Response Plan

Needs Review

Procedures for responding to security incidents and breaches

Security RuleIT SecurityReviewed: 8/14/2023Next: 2/14/2024

Attached Documents:

incident-response-v2.pdf

Patient Authorization Forms

Compliant

Forms for patient consent and authorization

Privacy RuleCompliance OfficerReviewed: 1/11/2024Next: 1/11/2025

Attached Documents:

authorization-form.pdfconsent-template.pdf

Audit Controls

Pending

System activity logging and monitoring procedures

Security RuleIT SecurityNext: 1/31/2024