HIPAA Information Security Policies and Procedures Manual

The HIPAA Information Security Policies and Procedures Manual is an incredibly in-depth, 240 + pages of industry leading information security documents that’s mapped directly to the HIPAA Security Rule provisions. Developed by industry leading healthcare compliance and I.T. experts, the manual contains dozens of essential policies and procedures for ensuring compliance with all mandated HIPAA information security subparts for 164.308 to 164.316, and other essential areas within the broader subject of information security, cyber security, and regulatory compliance.


View the Table of Contents and Sample Policies and Procedures to learn more about the depth and quality of the HIPAA Information Security Policies and Procedures Manual. Topics covered include all HIPAA Security Rule mandates, along with dozens of other essential security initiatives, such as Layered Security, Cloud Computing, Acceptable Uses of technology, and so much more. It’s simply the finest, most in-depth HIPAA Information Security Policies and Procedures Manual found anywhere today! Price: ($349.99) 

Document Length: 244 pages.

File Format: Microsoft Word

Topics Covered:

  • §164.308(a)(1)(i): Security Management Process Policies and Procedures
  • §164.308(a)(1)(ii)A – B: Risk Analysis and Risk Management Policies and Procedures
  • §164.308(a)(1)(ii)C: Workforce Member Sanctions Policies and Procedures
  • §164.308(a)(1)(ii)(D): Information System Activity Review Policies and Procedures
  • §164.308(a)(2): Assigned Security Responsibility
  • §164.308(a)(3)(i): Workforce Security
  • §164.308(a)(3)(ii)(A): Authorization and/or Supervision Policies and Procedures
  • §164.308(a)(3)(ii)(B): Workforce Clearance Procedures
  • §164.308(a)(3)(ii)(C): Termination Procedures
  • §164.308(a)(4)(i) - §164.308(a)(4)(ii)C: Information Access Management
  • §164.308(a)(5)(i): Security Awareness and Training
  • §164.308(a)(5)(ii)(A): Security Reminders
  • §164.308(a)(5)(ii)(B): Protection from Malicious Software
  • §164.308(a)(5)(ii)(C): Log-in Monitoring
  • §164.308(a)(5)(ii)(D): Password Management
  • §164.308(a)(6)(i) - §164.308(a)(6)(ii): Security Incident Procedures
  • §164.308(a)(7)(i): Contingency Plan
  • §164.308(a)(7)(ii)(A): Data Backup Plan
  • §164.308(a)(7)(ii)(B): Disaster Recovery Plan
  • §164.308(a)(7)(ii)(C): Emergency Mode Operation Plan
  • §164.308(a)(7)(ii)(D): Testing and Revision Procedures
  • §164.308(a)(7)(ii)(E): Applications and Data Criticality Analysis
  • §164.308(a)(8): Periodic Technical and Nontechnical Evaluations
  • §164.310(a)(1) - §164.310(a)(2)(iv): Physical Safeguards Policies and Procedures
  • §164.310(b) – (c): Workstation Use and Workstation Security Policies and Procedures
  • §164.310(d)(1): Device and Media Controls
  • §164.310(d)(2) - §164.310(d)(2)(iv): Data Retention, Disposal, Media Re-use, and Accountability Policies and Procedures
  • §164.312(a)(1): Access Control
  • §164.312(a)(2)(i): Unique User Identification
  • §164.312(a)(2)(ii): Emergency Access Procedure
  • §164.312(a)(2)(iii): Automatic Logoff
  • §164.312(a)(2)(iv): Encryption and Decryption 
  • §164.312(b): Audit Controls

View sample content from the HIPAA Information Security Policies and Procedures Manual:

They Trust Us!

MercyHealth Carninar for Mental Health Health Plan Finder The Citadel
NCMIC Oklahoma Health Insurance Network Kraft BlueCross BlueShield
  • Let’s be honest, nobody likes developing policies and procedures, yet the documentation we received from your company was simply second to none – professionally written, and incredibly thorough.

    Regions Insurance | Healthcare Division

  • Expert Documentation that’s about as good as it gets. Saved our business tens of thousands of dollars and hundreds of operational man-hours for HIPAA compliance.
    Mercy Health Logo

    Mercy Health | Cincinnati, Ohio

  • Great material, especially the fact that everything needed for HIPAA compliance is included – policies, a risk assessment program, training material – it’s all there.
    Lloyds Logo

    Lloyds of London Health Insurance Syndicate

  • The HIPAA risk assessment packet alone was worth every penny, and that’s just one of many sections received, so we were very impressed by this product.
    Coventry Logo

    Coventry Health | North America

  • HIPAA compliance without this toolkit would have been almost impossible. The material is very well-written and incredibly comprehensive, yet easy-to-use.
    Oaks Medical Center Logo

    Oaks Medical Center | Houston, Texas

Toolkit background

Get a Free Trial Toolkit

Get immediate access to essential forms, templates, checklists, system hardening checklists, and so
much more with the HIPAA free trial toolkit!

Get in touch with us

Flat Iron Technologies, LLC
Office Locations

  • Austin
    700 Lavaca Street, Suite 1400
    Austin, Texas 78701
    (800) 554-1829, ext. 801
  • Charlotte
    15720 Brixham Hill Avenue, Suite 200
    Charlotte, North Carolina 28277
    (800 ) 554-1829, ext. 802
  • Denver
    50 South Steele Street, Suite 250
    Denver, Colorado 80209
    (800) 554-1829, ext. 803
  • New York
    116 West 23rd Street, Suite 500
    New York City, New York 10011
    (800) 554-1829, ext. 804
  • Southern California
    7700 Irvine Center Drive, Suite 800
    Irvine, California 92618
    (800) 554-1829, ext. 805