HIPAA Policy on Security Incident Procedures Template


Identify and respond to suspected or known security incidents. Mitigate harmful effects. Document security incidents and their outcomes.

Each of our HIPAA templates are in Microsoft Word format for easy editing. Each template is guaranteed to be fully HIPAA & HITECH compliant when properly implemented.


The HIPAA Policy on Security Incident Procedures governs responses to Security Incidents involving the breach or compromise of Protected Health Information for the covered entity. All personnel of a covered entity must comply with this policy. Demonstrated competence in the requirements of this policy is an important part of the responsibilities of every member of the workforce.

SAMPLE TEXT: ENTITY NAME has adopted this Policy regarding Security Incident Procedures in order to recognize the requirement to comply with the Health Insurance Portability and Accountability Act (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health (“HITECH”) Act of 2009 (Title XIII of division A and Title IV of division B of the American Recovery and Reinvestment Act “ARRA”) and the HIPAA Omnibus Final Rule (Effective Date: March 26, 2013). We acknowledge that full compliance with the HIPAA Final Rule is required by or before September 23, 2013.

Additional information



Applicable Section(s)

164.308(a)(6), 164.400 to 164.414

You may also like…

Go to Top