This session will focus on the development and implementation of the necessary policies and procedures for HIPAA compliance, for everything from Minimum Necessary to Breach Notification. The policy and procedure requirements will be identified, and the topics that should be covered for each of the rules will be enumerated. Typical policy language will be identified, with an emphasis on the need to customize and right‐size policies for each organization.

Furthermore, Privacy Rule topics will include everything from patient rights, like access and amendment of records, to uses and disclosures, such as how to define the appropriate routine and non‐routine uses and disclosures and the controls on their application. In addition, we will discuss Privacy Rule topics relating to the management of your HIPAA compliance, such as documentation and training.