HIPAA Unique User I.D. Policy Template
HIPAA Unique User I.D. Policy Template
The Unique User I.D. Policy Template begins by outlining the purpose of the policy—to establish guidelines for issuing, maintaining and auditing user ID’s across all PHI systems. The template is then broken down into four simple sections: Authorization & Verification of Users, Issuance of Identifiers, Maintenance & Removal of Identifiers, and Security Requirements throughout Access Administration. In each section you can easily edit and customize your requirements to suit the specific needs of your organization, helping you remain in compliance no matter what changes arise in your system setup or administration practices.
This policy template helps to define the requirements when issuing Unique User Identifications, as mandated by HIPAA regulations. It covers requirements such as maintaining an inventory of user IDs; assigning unique IDs; monitoring users of Unique ID’s; revoking or disabling unique IDs when appropriate; and instituting measures to prevent unauthorized use of passwords associated with these IDs. The template also includes provisions for storing audit logs detailing all system activities initiated by individual users who have been assigned a Unique ID.
SAMPLE TEXT: ENTITY NAME has adopted this Unique User ID Policy in order to recognize the requirement to comply with the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health (“HITECH”) Act of 2009 (Title XIII of division A and Title IV of division B of the American Recovery and Reinvestment Act “ARRA”) and the HIPAA Omnibus Final Rule (Effective Date: March 26, 2013). We acknowledge that full compliance with the HIPAA Final Rule is required by or before September 23, 2013.
ENTITY NAME hereby acknowledges our duty and responsibility to protect the privacy and security of Individually Identifiable Health Information (“IIHI”) generally, and Protected Health Information (“PHI”) as defined in the HIPAA Regulations, under the regulations implementing HIPAA, other federal and state laws protecting the confidentiality of personal information, and under principles of general and professional ethics. We also acknowledge our duty and responsibility to support and facilitate the timely and unimpeded flow of health information for lawful and appropriate purposes.
Each of our HIPAA templates are in Microsoft Word (.docx) format for easy editing. Each template is guaranteed to be fully HIPAA & HITECH compliant when properly implemented.