If you’re just starting out in the health care industry, or you just haven’t gotten the rundown, HIPAA is the Health Insurance Portability and Accountability Act.

Essentially, the Act – which was established in 1996 – required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop regulations to protect the privacy and security of patients' health information.

It mandates industry-wide standards for the protection of medical and personal information for billing and other processes that require the storage or transfer of sensitive health information.

HIPAA is split into two rules:

  • HIPAA Privacy Rule
  • HIPAA Security Rule

As technology necessarily becomes more and more integrated as a tool of the industry, it adds a greater security risk for patient information, making the Security Rule the most pertinent for most health providers these days.

The HIPAA Security Rule exists as a bridge to allow health providers to explore and adopt new technologies, while minimizing security risks and ensuring that PHI is not available to unauthorized persons.

If you’re not a technical person, or you don’t have the time to create procedures and documents that are HIPAA compliant, we can help!

With over 20 years of experience in the industry, the consultants at 3 Pie Squared can help you ensure that you are HIPAA compliant.

We can also help with HR issues, payroll, insurance billing, insurance audits, website design, and programming. 

We are multi-talented like that!

If you’re not sure that the servers you’re using to store patient information fit the bill, we can help you put the technical safeguards in place to make sure that they do. Or, if you’d rather, you can store information on our HIPAA compliant servers instead. 

Want to see what the handbooks look like, need start-up support, or would like to set up a HIPAA evaluation? Book a free 60-minute consult here!

HIPAA Policies

The HIPAA Policies have over 258 pages, with over 32,000 words of compliance policies that every ABA company needs, such as: Notice of Privacy Practices, HIPAA security policies, breach risk assessment, business associate agreement, and compliance training. Also included are an 85-page PowerPoint training and a HIPAA review quiz!
We now include a state supplement so not only do we have federal guidelines but we have state regulations too!

Table of Contents

HIPAA Compliance Manual 8

Introduction 11

Minimum Uses and Disclosures of Protected Health Information 13

Uses and Disclosures of Protected Health Information 25

Accounting of Disclosures of Protected Health Information 33

Designated Record Set 38

Medical Privacy Policy 42

Notice of Privacy Practices 46

HIPAA Security Policy 57

HIPAA Security Management Policy - ePHI 64

Best Options for Securing Electronic Data or EPHI 68

Information Security Incident Response Policy 69

System Audit Review Template 83

Bring Your Own Device Policy 86

HIPAA Electronic Messaging Standards 97

Photographing, Video Recording, Audio Recording, And Other Imaging of Patients, Visitors, and Workforce Members 112

HIPAA Records Retention Policy 119

HIPAA Procedures for Destruction and Removal of PHI from Computer Hardware/Media 121

Complaint Policy 127

All officers, agents, and employees of {Company Name} must adhere to this policy. {Company Name} will not tolerate violations of this policy. 149

Violations of this policy are grounds for disciplinary action up to and including termination of employment and criminal or professional sanctions. 149

HIPAA Sanctions Policy 149

HIPAA Termination of Access Procedure 156

HIPAA Business Associate Agreement 158

Business Associate Compliance Check 170

De-Identification of Protected Health Information 174

HIPAA Authorization for Release of Protected Health Information 178

Checklist for Valid Authorization 186

Visitor Log 189

Device Log 190

Continuity of Care Plan 191

Emergency Response Plan 209

Disaster Recovery Plan 214

Contingency Plan and Procedures for Backup, Recovery and Emergency Preparedness 220

Contingency Plan Assessment for Electronic Health Records and Health Information Exchange 225

Data Backup Plan 229

Emergency Mode Operation and Disaster Recovery Plan 232

HIPAA Incident Report and Response Form 234

HIPAA Compliance Training 241

HIPAA Compliance Quiz 242

HIPAA Risk Assessment Checklist 261

Cost: $800.00

HIPAA Online Forms


Now you don't have to worry about creating electronic forms on a website that doesn’t meet HIPAA guidelines, because you can use ours! The forms are prebuilt and can be customized by us, just for you. All you need to do is put the link on your website, and you’re done!

We sign a BAA (business associate agreement), and you can trust that your clients' PHI (protected health information) is safe and secure! Each unique form you purchase can be submitted 100 times a day! We will create any of the following options, or if you have your own custom forms, we can give you a quote on the cost.

  • New client application
  • Client handbook with medical questionnaire
  • Client satisfaction survey
  • Client complaint
  • Incident report
  • Consent
  • Client risk assessment
  • Authorization to release
  • Job application
  • Client History
  • Authorization for assessment
  • Financial agreement
  • Clinic pick-up authorization
  • Send us your custom forms and we will quote them for you!

Starting at: $20.00 per Month

Our Consultants

Stephen Smith:

Stephen Smith is the owner of 3 Pie Squared LLC, a consulting firm that specializes in HR and back-end management for small practices, with a focus on HIPAA and medical practice compliance. Stephen is also the Director of Operations of Corner Piece, a leading ABA company. While managing two successful firms, Stephen has also been a major contributor to numerous start-up entities. In addition to being an entrepreneur and business owner, Stephen is also a process engineer. Career highlights in this field include training production and engineering staff, creating countless policies and procedures for engineering equipment and new inspection systems, serving as team lead on many million-dollar installations, and developing process analysis software.

Ashley Bango:

Ashley Bango, MS, BCBA graduated with her Bachelor's degree in Psychology from Fayetteville State University in December 2005. She obtained her M.S. in Psychology with a Specialization in Applied Behavior Analysis from Florida State University-Panama City Campus in 2008. She had the privilege of being a student of Dr. Jon Bailey and graduated with a 4.0 GPA. During her time at FSU, she had many great opportunities to get experience at various practicum sites. She worked home-based services for children with Autism with early learners. She wanted to have diverse experience, so she also worked in adult services in a day support program, designing reinforcement strategies with a program for children and families increasing healthy habits (i.e., exercise, nutrition, etc.), and an alternative school in the public school system specifically targeting maladaptive behavior in students the school had been unable to successfully support.

After graduating, she worked in adult services, supporting clients in the work and home settings to increase independence and communication and to decrease target behaviors. She continued on to work in a private day school setting for children and young adults 5-20 years of age with various disabilities, supervising staff in pursuit of their certification, for 2.5 years. Over the next 3 years, she moved to a private agency, where she continued staff supervision and client programming and then became Program Director, overseeing the ABA services, funding, and clinical documentation. This experience gave her the knowledge to open her own company, Positive Change ABA, LLC, in 2014.



Starting at: $500.00

HIPAA Risk Assessment

This 109-point risk assessment will help you on your way to becoming compliant with HIPAA rules and regulations. Rank items based on likelihood, risk, and impact. Add missing policies and ensure that 3rd-party vendors are keeping your client data safe. *Updated 04/20/18

Cost: $50.00