HIPAA Helps Page

Helping UMA member physicians understand and implement requirements of HIPAA

Disclosures of PHI to Law Enforcement Officials

University of Utah's Records Disclosure Policies - includes forms for responding to a Subpoena

AMA Fact Sheet Series on "5010" Electronic Transactions

Beginning Jan. 1, 2012, physicians will be required to use an updated version of Health Insurance Portability and Accountability Act (HIPAA) electronic transactions, commonly known as “5010.” To help you prepare for this compliance deadline, the AMA is developing a series of fact sheets on what practices need to know in order to successfully implement the 5010 standard transactions.

Below are the first and second fact sheets in what will be a series of six. The first provides background information on HIPAA and the standard transactions. The second is an overview of the tasks and estimated time frames needed to implement the 5010 standard transactions. Other fact sheets cover HIPAA terminology, changes in the 5010 transactions, testing the new transactions and enforcement of the transactions. They will be released in the next few months.

HIPAA 101 Fact Sheet

5010 Implementation Timeline

Visit the AMA's Web site at www.ama-assn.org/go/5010 to access these resources and additional information about the HIPAA standard transactions.

UMA HIPAA Security Seminar Materials

Doug Springmeyer's HIPAA Security Slide Presentation - PowerPoint file

Security Checklist - Microsoft Word Document

Security Officer Appointment Template - Microsoft Word Document

Electronic System Inventory Form - Microsoft Word Document

Security Rule Assessment - Microsoft Word Document

Security Training Log - Microsoft Excel Spreadsheet

Security Maintenance Log - Microsoft Excel Spreadsheet

WEDI "Small Practice Security Implementation White Paper" April 2004
http://www.wedi.org/snip/public/articles/dis_viewArticle.cfm?ID=221&wpType=2

UMA MediByte: Sample Forms & Documents

Dept. of Health & Human Services’ Dec. 3rd Guidance on HIPAA - Excellent resource!
Need Adobe Acrobat Reader to view/print this file. 123 pages, but worth the wait.

Massachusetts Medical Society’s Guidebook on HIPAA
Need Adobe Acrobat Reader to view/print this file. Includes sample office policies, employee training materials, accounting of disclosure forms, etc.

Sample Notice of Privacy Practices (Word Document)
Customizable Short Form (tri-fold)

Sample Authorization for the Release of Information (Word Document prepared by local health care attorney Janet I. Jensen)

Statement from Utah Dept. of Health re: Release of Information w/o Authorization
Need Adobe Acrobat Reader to view/print this file.

Sample Business Associate Agreement (Word Document prepared by U.S. Dept. of Health & Human Services)

Sample GAP Analysis Outline (Word Document provided by the law firm of Preston, Gates & Ellis, LLP, Tacoma, WA)

CMS Memo: Are Small Providers Covered Entities under HIPAA?
Need Adobe Acrobat Reader to view/print this file.

DataTrace CD on HIPAA Compliance Forms & Policies (Staff Training Resource)

Other Medical Association Sources

AMA website HIPAA resources
Top Ten Tips, Implementation Guides, Policies, etc.

AMA Guide to HIPAA Readiness

Massachusetts Medical Society HIPAA Resources - Great site!
MassMed has assembled useful links, questions/answers, and weekly HIPAA tips.

Federal Sources of Information

CMS Website on HIPAA
Centers for Medicare & Medicaid Services' HIPAA site

Department of Health and Human Services Administrative Simplification
Includes full-text of the rule in the Federal Register and access to all 9 HIPAA Implementation Guides and their Draft Addenda.