HIPAA Questionnare


1 Do you have policies and procedures for ensuring the privacy of its clients' Protected Health Information (PHI)?
2 Do you have a formal privacy awareness, education and training program available to its workforce?
4 Have you conducted a technical and non-technical evaluation of the implemented security standards?
5 Do you maintain audit logs of system activity to monitor processing, sharing and transmitting of PHI?
6 Are unique user identification codes required in order to access systems that process or manipulate client PHI?
7 Do your systems used to process or manipulate client PHI automatically log out following a period of inactivity?
8 Does Oriental Solutions employ a particular individual who is assigned responsibility for information security?