HIPAA compliance is complicated but it doesn't have to be. Cloudticity helps relieve the technical burden with our HIPAA-compliant cloud computing platform and solutions for healthcare.
In an effort to make compliance as easy as possible for companies working with protected health information (PHI), we decided to open source our company policies.
Do you handle PHI and not yet have your own company policies in place? Then you'll find our content useful.
All policies are licensed under CC BY-SA 4.0.
Each policy is included as it's own markdown file in case you want to cherry pick specific policies. If you currently have no policies in place, we encourage you to consider utilizing all policies after a thorough review.
- Introduction
- HIPAA Inheritance
- Policy Management Policy
- Risk Management Policy
- Roles Policy
- Data Management Policy
- System Access Policy
- Auditing Policy
- Configuration Management Policy
- Facility Access Policy
- Incident Response Policy
- Breach Policy
- Disaster Recovery Policy
- Disposable Media Policy
- IDS Policy
- Vulnerability Scanning Policy
- Data Integrity Policy
- Data Retention Policy
- Employees Policy
- Approved Tools Policy
- 3rd Party Policy
- Key Definitions
- Cloudticity HIPAA Business Associate Agreement (“BAA”)
- HIPAA Mappings to Cloudticity Controls