HIPAA COMPLIANCE CHECKLIST - 2012/2013

Name


A red asterisk (*) indicates required questions.


  1. Employees are regularly locking computers when away from their workstations*


  1. Conversations regarding SVA billing and coding activity are not in public areas.*


  1. Staff protect their ID and password. They are not in plain view at workstations.*


  1. An employee is not sharing another employee's workstation while logged in. Work is not done under another employee's login.*


  1. Staff are not using the preview pane to view e-mail in their inboxes.*


  1. Employees are not leaving paperwork awaiting shredding at their desks overnight.*


  1. Fax machines are checked nightly for any unclaimed faxes, which are then properly stored.*


  1. Paper records are stored or filed in such a way as to avoid observation by those who are not authorized.*


  1. Shredding bins are kept locked.*


  1. Confidential patient information is not left in unattended areas.*


  1. Employee access to IDX and other applications is current for their assigned clients. Employees have had access removed for clients they are no longer working on.*


  1. Visitors have been restricted to conference rooms or other public areas.*


  1. Computer monitors are positioned so PHI is not readily available to those who are not authorized.*


  1. Confidential information/PHI is out of sight or turned over when employees are away from workstations.*


  1. Current work is available to team leaders and supervisors and is never kept in a locked drawer or on the floor.*


  1. Checks and cash are locked up overnight.*


  1. Computers and scanners are shut down completely at end of day, unless otherwise authorized.*


  1. Privacy/confidentiality/security signs are posted for custodial staff.*


  1. Signs restricting access are posted.*


  1. Security doors (server room, office) are locked and operational.*