SAMPLE DOCUMENTS SAMPLE HIPAA POLICIES – Fully insured health plans that are hands-off PHI •
Sample HIPAA Privacy Policy
•
Sample HIPAA Security Policy
•
Sample Breach Notification Policy
SAMPLE HIPAA POLICIES – Fully insured health plans that are hands-on PHI and self-insured health plans •
Sample HIPAA Privacy Policy
•
Sample HIPAA Security Policy
•
Sample Breach Notification Policy
OTHER SAMPLE DOCUMENTS •
Sample health plan amendment
•
Sample plan sponsor certification
•
Sample business associate agreement
•
Sample Notice of Privacy Practices (Privacy Notice)
•
Sample notice of availability of Privacy Notice (self-insured health plans)
•
Sample HIPAA Authorization
Caution These sample HIPAA policies and related documents are based on hypothetical employers and health plan designs and are provided for educational and illustrative purposes only. They will not apply to every employer’s situation, and they must be customized for a specific employer’s circumstances. These sample policies are not exhaustive— depending on an employer’s situation, additional policies may be required. Nothing in this toolkit should be considered as legal advice, including these sample documents. Employers should work with knowledgeable benefits counsel to obtain legal advice on HIPAA compliance.
35
