Thursday, 24 January 2019 10:37

Set the Table for Compliance

If you really want to protect the privacy of those you serve, it is important to establish a culture of vigilance within your organization.

Now, if that sounds like blah-blah, think again.  The culture of your organization is a real thing.  It is a silent, yet potent communicator of the values reflected in your leadership.  High ethical behavior at the top sets the expectations for all.  

During our January podcast-and-webinar series, we discussed the importance of a Code of Conduct as a starting point for a HIPAA compliance program.  Why?  Because it's a great vehicle for describing ethical standards that employees are expected to meet. If expectations aren't in writing, how are they to know? 

Basic elements of a Code of Conduct set forth principles of:

  • Leadership values
  • Respectful behavior 
  • Protection of privacy
  • Safety
  • Integrity

Importantly, the commitment should go both ways -- with leadership pledging a commitment to a healthy work environment and employees pledging good conduct. (Yes, pledges should be signed!)

Once the basic standards are set, then there is context for the details of HIPAA compliance relating to safety and security.  

If you are a subscriber to MyHIPAA Guide, email Brenna Hughey for a Code of Conduct template if you do not have it already.

To learn more about our HIPAA compliance program tailored for dentistry, visit

For our program tailored to residential providers, visit





Last modified on Thursday, 24 January 2019 12:25

10 Step HIPAA Plan

  • Step 1: Make Sure you Must Comply with HIPAA

    What's Inside:
    Lists of who is generally covered and who is not, plus contact for inquiries.
  • Step 2: Designate Team Leaders

    What's Inside:
    • 7-page HIPAA basics
    • 62-page guide to security and privacy of ePHI
    • Compliance Charter Template
  • Step 3: Develop Security Policies & Procedures

    What's Inside:
    Templates for Security Policies and Procedures
  • Step 4: Conduct a security risk analysis

    What's Inside:
    • Guides
    • Short videos
    • Interactive quizzes on risk assessment and contingency preparation
    • 10 common myths

    Interactive tutorial – 156 questions with fill-able PDFs for Windows or iPad. All material from federal sources.
  • Step 5: Develop an action plan

    What's Inside:
    • 11-page overview on ePHI for small practices
    • 4-page Q&A addresses email with patients
    • Checklists

    Toolkit on 45 implementation specifications
  • Step 6: Reduce Risks of a Breach

    What's Inside:
    • Overview of expectations
    • Annual Work Plan Template
  • Step 7: Train the Team

    What's Inside:
    • Form for reporting breach notification
    • Links to details on the notification process and what constitutes a breach.
    • Suite of Training Materials
  • Step 8: Customize Privacy Notices

    What's Inside:
    FOR ALL:
    • Privacy notice templates to help achieve meaningful consent, in English & Spanish.

    • Professionals' guide covering 2013 updates on communications.

    • Electronic toolkit with patient education and meaningful consent sample materials.
  • Step 9: Execute Business Associate Agreements

    What's Inside:
    • Sample Business Associate Agreement (BAA) provisions
    • Suite of BA Management Tools
  • Step 10: Verify Compliance with HIPAA

    What's Inside:
    • Tip sheets
    • Short videos
    • Overviews

    • 94-page guide on the EHR incentive program
    • Beginners' toolkit on reporting to the government

    All from federal sources.