Basic HIPAA Checklist

Developing Your Basic HIPAA Checklist

Basic HIPAA ChecklistEven though HIPAA regulation can seem rather complex, there are some HIPAA basics that can give you an idea for where to get started. We have provided a few key suggestions for you to use for developing your own basic HIPAA checklist.

There are various different HIPAA definitions and HIPAA basics that can help your behavioral health practice start implementing an effective HIPAA compliance program. HIPAA compliance helps ensure that the sensitive health care information you deal with on a daily basis does not become exposed due to data breaches, cyber-security incidents, or improper disclosures caused by simple human error.

HIPAA and PHI Basics

HIPAA is a set of national regulatory standards meant to ensure the security and privacy of protected health information (PHI). PHI is any demographic information that can be used to identify a patient. HIPAA regulation identifies 18 distinct demographic indicators that are considered PHI, which include:

  1. Name
  2. Address (including subdivisions smaller than state such as street address, city, county, or zip code)
  3. Any dates (except years) that are directly related to an individual, including birthday, date of admission or discharge, date of death, or the exact age of individuals older than 89
  4. Telephone number
  5. Fax number
  6. Email address
  7. Social Security number
  8. Medical record number
  9. Health plan beneficiary number
  10. Account number
  11. Certificate/license number
  12. Vehicle identifiers, serial numbers, or license plate numbers
  13. Device identifiers or serial numbers
  14. Web URLs
  15. IP address
  16. Biometric identifiers such as fingerprints or voice prints
  17. Full-face photos
  18. Any other unique identifying numbers, characteristics, or codes

Understanding PHI is the key to understanding HIPAA. For that reason, everything your behavioral health business does to become HIPAA compliant should be geared toward maintaining the confidentiality, integrity, and availability of PHI.

Developing Your Own Basic HIPAA Checklist

Here are a few considerations for building your own basic HIPAA checklist for building your HIPAA compliance program:

  • Identify sources where PHI is maintained and implement the proper physical, technical, and administrative security safeguards.
  • Identify a member of your staff to serve as the Compliance Officer. The Compliance Officer should be the point person for all compliance efforts moving forward, and will help streamline the HIPAA compliance process.
  • Take an inventory of all devices that are used to access, store, or transmit PHI. Ensure that these devices and properly secured with anti-malware software, encryption, back-up, and password protection. You can also begin to craft an asset and device policy to control the use of these devices to mitigate the risk of a PHI breach. Download the free HIPAA Risk Assessment tool provided by HIT.gov to help with this process. Conducting regular HIPAA assessment is a requirement for all covered entities.

Note that even if your practice implements all of these building blocks, these are only pieces of HIPAA compliance and will not render your business compliant. In order to properly maintain the privacy and security of PHI, a total HIPAA compliance program that addresses each of the HIPAA regulatory standards must be in place.

HIPAA Resources

Recent Webinar: Cyber-Attacks: Top 5 Things You Can Do Tomorrow Morning to Protect Your Practice

Recent Webinar: Social Media and HIPAA Compliance: Protecting Your Practice in the Digital Age

Visit our other On-Demand Webinars

Compliancy Group gives behavioral health professionals confidence in their HIPAA compliance with The Guard®. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance. Compliancy Group’s team of expert Compliance Coaches® field questions and guide users through the implementation process, taking the stress out of managing compliance. The Guard is built to address the full extent of HIPAA regulation, including guided walkthroughs of HIPAA Risk Assessments. With The Guard, behavioral health professionals can focus on running their practice while keeping their patients’ data protected and secure. Find out more about how Compliancy Group and the HIPAA Seal of Compliance® can help simplify your HIPAA compliance today!


Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.



Rate this post!

(3 raters, 15 scores, average: 5.00 out of 5)

Leave a Reply

Name and email are required. Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.