HIPAA PHI Policy
Subscriber Content
Procedures for Handling Protected Health Information
This sample contains eight policies that outline procedures governing the handling of protected health information (PHI) in compliance with HIPAA security provisions.
Because HIPAA penalties are severe, and companies desire to manage both risk and liability with respect to HIPAA, these policies should be considered and followed when performing services for a client that is a covered entity or a business associate of a covered entity. While patient information must be available to health care professionals in the process of ensuring proper care, providers should avoid disclosing more patient information than needed to perform respective duties.