Writing a HIPAA-compliant privacy policy

Is it time for your medical office to comply with the Health Insurance Portability and Accountability Act (HIPAA)? There may be many reasons why you haven't tackled this challenge. However, in the increasingly interactive and electronic-based healthcare arena, it may be time to get on the compliance bandwagon and implement basic privacy procedures for your healthcare organization.

One important aspect of HIPAA compliance is developing a privacy policy that satisfies the guidelines and requirements for protecting a patient's individual medical information. Steve Giesecke, a healthcare and IT consultant who has more than 20 years of experience advising healthcare-related businesses, provides a systematic approach — and a template — to help you write a HIPPA-compliant privacy policy for your healthcare organization.

If you are already a HIPAA-covered entity, it may be time to streamline and simplify your collection of privacy policies and collapse them into a single policy that staff members will read and reference in their daily tasks.

The following information and templates can help you create a HIPAA-compliant privacy policy and privacy rights request form.

  • Develop a HIPAA privacy policy (Article)
    Steve Giesecke explains how to develop a privacy policy that meets HIPAA requirements.
  • HIPAA privacy policy (Template)
    Use this Word template to create a customized HIPAA-compliant privacy policy for your healthcare organization.
  • HIPAA privacy rights request form (Template)
    Use this Word template to provide patients with a HIPAA-required form that they can use to request access or amendments to their protected health information.
Applies to:
Word 2003