Is required for all Chain of Trust Agreements.

Must allow for the patient's written acknowledgement of receipt.

Must always be signed by the patient.

Must be signed in order for the patient's name to be sold to a mailing list organization

Is not required if an authorization is being developed

Termination Procedures

Automatic Logoff

Emergency Access Procedure

Contingency Operations

Response and Reporting

Title IX: Employer sponsored group health plans.

Title III: Tax-related Health Provisions.

Title II: Administrative Simplification.

Title I: Health Care Insurance Access, Portability, and Renewability.

Title V: Revenue Offsets.

Risk Management

Protection from Malicious Software

Facility Security Plan

Response and Reporting

Emergency Access Procedure

Risk Analysis

Access Control and Validation Procedures

Integrity Controls

Access Authorization

Termination Procedures

Contingency Plan

Evaluation

Security Management Procedures

Facility Access Control

Security Incident Procedures

National PKI Identifier.

National Standard Health Care Provider Identifier.

National Standard Employer Identifier.

Standards for Electronic Transactions and Code Sets.

Security Rule.

"Use" refers to the release, transfer, or divulging of IIHI between various covered entities

"Use" refers to adding, modifying and deleting the PHI by other covered entities.

"Use" refers to utilizing, examining, or analyzing IIHI within the covered entity

"Use" refers to the movement of de-identified information within an organization.

"Use" refers to the movement of information outside the entity holding the information

ICD-9-CM, Volumes 1 and 2

CPT-4

CDT

ICD-9-CM, Volume 3

NDC

Eligibility status

Benefit maximums

Participating providers

Deductibles & exclusions

Co-pay amounts

NCPDP-based pharmacy standards

The standard for pharmacy-health plan communication.

Administering Medicare and Medicaid programs.

Claims attachments.

Publishing HIPAA Transactions-related Implementation Guides.

Authorization Number

Provider's National Provider Identifier (NPI)

Claim Submitter home phone number

Patient's lab report

Provider's security PIN code

3070

3050

3045

4010

4020

Disaster Recovery Plan

Data Backup Plan

Facility Access Controls

Security Incident Procedures

Emergency Mode Operations Plan

Sanction Policy

access Authorization

Facility Security Plan

Termination Procedures

Unique User Identification

Integrity Controls

Access Control and Validation Procedures

Emergency Mode Operation

Plan Response and Reporting

Risk Analysis

The types of financial information to be disclosed.

The specific individuals or entities to which disclosure would be made.

The types of persons who would receive PHI.

The conditions that would not apply to disclosure of PHI

The criteria for reviewing requests for routine disclosure of PHI.

Eligibility (270/271).

Premium Payment (820).

Unsolicited Claim Status (277).

Remittance Advice (835).

Functional Acknowledgment (997).

Person or Entity Authentication

Technical Safeguards

Administrative Safeguards

Physical Safeguards

Transmission Security

As a response to a health care claim status request

As a health care claim payment advice

Electronic funds transfer

As a request for health care claims status

Request for the psychotherapy notes of a patient

Is another name for the Security Ruling.

Requires the use of biometrics for access to records.

Is electronically stored information about an individual's health status and health care.

Identifies all hospitals and health care organizations.

Requires a PKI for the provider and the patient.