HIPAA Online Homepage

User Type

Quick Links
Privacy Notice

What is

Contact Us


HIPAA Privacy & Security
2. Business Associates Section:
HIPAA Activities Checklist

This is a "HIPAA Readiness Activities, Checklist and Calendar" to help you become HIPAA compliant, in your business activities conducted with the Nebraska DHHS.

Began Assessment Process
Completed an inventory of all Transactions.
Completed an inventory for all Protected Health Information that is in your facility.
Made a list of all uses (internal) and disclosures (external) of Individually-Identifiable Health Information.
Completed inventory of all information systems, and their safeguarding mechanism (e.g. disaster recovery, virus detection, user authentication, access logging, etc.)
Identified all policies, procedures, and forms.
From the list of DHHS programs, check how many of such programs impact you.
From the list of HIPAA-Impacted Data, check which of these affect your practice.
Introducing Corrective Activities and New Processes
Begin a HIPAA training program for current and future employees.
Revise all patient-signed forms to include HIPAA-compliant language and practices.
Sign appropriate agreements with business associates and trading partners.
Work with Nebraska DHHS programs, agencies and facilities to institute new claims process.
For all non-compliant information systems -- Change the current system (e.g., purchase new ones that are compliant, re-write current system, modify privilege settings, change passwords and accounts)
The  HIPAA Privacy deadline was on 4/14/2003.
The HIPAA Security deadline was on 10/16/2003.
Maintaining Compliance Status
Regularly read Nebraska DHHS HIPAA-related announcements, and implement such changes -- on this website, in provider letters, in email announcements, in postal-delivered literature.