HIPAA Privacy and Security Policy


Use this HIPAA Privacy and Security Policy for a group health plan to satisfy the regulatory requirement that it set forth the written policies and procedures that it will follow to ensure its compliance with the privacy, security and breach notification requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). 45 C.F.R. § 164.530(i). This template contains practical guidance and drafting notes. For a full listing of related data security & privacy content for first-year associates, see First-Year Associate Resource Kit: Data Security and Privacy. For information on the HIPAA privacy rule, see HIPAA Privacy, Security, Breach Notification, and Other Administrative Simplification Rules — What Safeguards, Policies, and Procedures Are Needed for Privacy Rule Compliance? For an additional discussion about HIPAA, see HIPAA Resource Kit.