Re: HIPAA Documentation?

["Jefferson, Ronnie V." <RVJefferson () ST-AUG EDU>]

I'd be interested in seeing something similar to what Phil requested as
well.

Ronnie Jefferson
VP for Information Technology/CIO
Saint Augustine's College
Center for Information Technology
1315 Oakwood Avenue
Raleigh, NC 27610
(919) 516-4379 (V)
(919) 516-4382 (F)
rvjefferson () st-aug edu
www.st-aug.edu


-----Original Message-----
From: Rodrigues, Philip [mailto:phil.rodrigues () UCONN EDU]
Sent: Thursday, December 11, 2003 3:59 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] HIPAA Documentation?


Hi all,

I wear a lot of hats at UConn.  One of them is "security policy guy",
which is my least favorite hat.

Our HIPAA consultants are here and making a great attempt to get our
policies and procedures into shape, so we are "in compliance".  However,
most of the sample policies they have brought are based on State and/or
Corporate models, and don't always fit nicely.

Does anyone have their HIPAA policies and procedures done, or close to
done, and in a publicly accessible place?  Is there an Educause policy
template for this?

Has anyone completed the holy grail and adjusted their University
policies so that HIPAA is just a sub-set of the master documents?

Thanks,

Phil
--

=======================================
Philip A. Rodrigues
Network Analyst, UITS
University of Connecticut

email: phil.rodrigues () uconn edu
phone: 860.486.3743
fax: 860.486.6580
web: http://www.security.uconn.edu
=======================================

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.