Cybersigma Consulting Services
Health Insurance Portability and Accountability Act (HIPAA) Form
Personal Information
Name:
Email:
Contact No.:
Company Name:
Health Information
What types of health information does your organization collect?
How is this health information obtained (e.g., patient forms, electronic health records, etc.)?
Where is the health information stored (physical locations and systems)?
What security measures are in place to protect stored health information?
How is health information transmitted within the organization?
What encryption methods are used for transmitting health information?
Who has access to patient health information within the organization?
Are access levels and permissions regularly reviewed and updated? (Yes / No)
Are employees trained on HIPAA regulations and data security practices? (Yes / No)
How often is this training conducted?
How is the security of this information ensured when shared with external entities?
What procedures are in place to respond to a security incident or data breach?
Is there a designated person or team responsible for managing incidents? (Yes / No)
Are there any third-party entities or business associates that handle patient health information? (Yes / No)
Has a risk assessment been conducted to identify potential vulnerabilities and threats to health information? (Yes / No)
Are there mechanisms in place to track and monitor access to health information? (Yes / No)
Are there documented policies and procedures related to HIPAA compliance? (Yes / No)
What measures are in place to mitigate identified risks?
How are audit logs reviewed and analyzed?
How often are these documents reviewed and updated?
What physical security measures are in place to protect facilities where health information is stored or processed?
How are devices (computers, smartphones, etc.) that handle health information managed and secured?
Specify the organization's record retention policies for PHI.