The Basic HIPAA Compliance Checklist Every Private Practice Needs

38 HIPAA Compliance Requirements

There are four groups of guidelines every healthcare provider MUST follow to be HIPAA compliant:

• Privacy Rules
• Security Rules
• Breach Notification Rules
• Enforcement Rules

HIPAA privacy rules identify when protected health information may be used and disclosed. This includes past, present, and future conditions, payment for healthcare, and the provision of healthcare to a patient.

Security rules cover the safeguards you need to implement to stay compliant. This includes confidentiality measures, threat and risk management, and ensuring a compliant workforce.

Breach notification rules require you to alert relevant parties of information breaches. Relevant parties include the affected individuals, the HHS, and possibly the administrator of whichever channel created the breach.

Notifications should be provided within 60 days of the discovery of a breach, and those less than 500 individuals should be submitted to HHS annually.

Enforcement rules outline how you should respond to breaches, investigations, penalties, and procedures for hearings.

To make sure you’re in compliance with all of the above, check off all 38 compliance measures in the checklist below. Download a PDF version of the full checklist here.

HIPAA Compliance Checklist PDF (38 Guidelines)

The following checklist contains six major compliance items. Each one has a list of tasks to complete to ensure compliance. In total, there are 38 HIPAA compliance measures to check off. 

Want more information on HIPAA compliance?

Check out these related articles:

13 HIPAA Social Media Guidelines & Tips

4 Social Media HIPAA Violations That Are Shockingly Common