HIPAA Security Policy Compliance

The HIPAA Compliance Challenge

To effectively implement a cyber program for HIPAA (HiTECH), organizations must develop, document and deliver and set of information security controls that cover Administrative, Physical and Technical Safeguards.

The “Made Easy” Compliance Solution

Forget the expensive consultants and complex software systems that take weeks to deploy!  ComplianceShield enables your organization to develop a HIPAA information security program in minutes!  Save thousands with our complete library of HIPAA Security Policy Templates.

See Bob’s Compliance Journey with ComplianceShield

ComplianceShield streamlines the development of a HIPAA-compliant program one complete, integrated dashboard.  Save thousands with our pre-built HIPAA Baseline Templates.

Pre-Built Cyber Security Control Baselines

The following sections of the HIPAA Security Final Rule are addressed by specific policies in ComplianceShield:

Administrative Safeguards
Security Management Process 164.308(a)(1)
Assigned Security Responsibility 164.308(a)(2)
Workforce Security 164.308(a)(3)
Information Access Management 164.308(a)(4)
Security Awareness and Training 164.308(a)(5)
Security Incident Procedures 164.308(a)(6)
Contingency Plan 164.308(a)(7)
Evaluation 164.308(a)(8)

Business Associate Contracts and Other Arrangement 164.308(b)(1)

Physical Safeguards
Facility Access Controls 164.310(a)(1)
Workstation Use 164.310(b) and Workstation Security 164.310(c)
Device and Media Controls 164.310(d)(1)

Technical Safeguards (Sec. 164.312)
Access Control 164.312(a)(1)
Audit Controls 164.312(b)
Integrity 164.312(c)(1)
Person or Entity Authentication 164.312(d)
Transmission Security 164.312(e)(1)

Policies and Procedures and documentation Requirements 164.316
Policies and Procedures 164.316 (a)
Documentation (Maintain the policies and procedures in written form) 164.316 (b)