top of page

HIPAA Policy and Procedure Implementation

HIPAA policies and procedures

The Problem

It's a fact: Most people don't enjoy writing policy and procedure documentation.  And when policies and procedures are created, they are often unorganized and lack important details that are required to comply with the HIPAA Rules.

We've seen what other HIPAA consulting companies offer and frankly, don't understand how anyone is supposed to implement and maintain those overwhelming, bloated volumes of information.

Our Solution

Our exclusive focus is the HIPAA Rules and we offer two products that allow a Covered Entity (CE) or Business Associate (BA) to demonstrate compliance and learn HIPAA requirements.  The first is our Security Rule series, where we break down each HIPAA Security Rule standard and implementation specification.  Next, each citation is aligned to one of nine organized policy documents that a CE or BA – sized from a practice group (or managed service provider) to a critical access sized hospital – can manage:

Policy develoment

We then check the Office of Civil Rights Audit Protocol and include any additional requirements:

OCR Audit Protocol

Finally, we use our practical experience to draft a fully referenced policy and procedure document that even the busiest HIPAA Security Officer can understand and implement:

Our second product is a complete set of HIPAA Privacy and Breach Notification Rules appropriate for a Business Associate company.  Like our Security Rule series, these policy documents are fully referenced and should provide a BA a product that they can use to demonstrate their compliance with a Covered Entity or with US Health and Human Services Office of Civil Rights (OCR).

Our Service

There is no need to struggle or feel buried in volumes of paper when you can count on Proteus Consulting to make your HIPAA documentation top-shelf, OCR ready. When you purchase a Proteus Policy and Procedure document, we will provide consulting services to help customize the document to your organization. No one can claim a "ready-out-of-the-box" Security Rule policy or procedure – every organization is different and so are their policies and procedures.

bottom of page