HIPAA Forms and Links

• CHCPCA Application for COPIC Insureds
• CHCPCA Application for Non-COPIC Insureds
• Clinical Guidelines and Tools
• Colorado BME Inquiry Letters
• COPIC Speakers Bureau
• COPIC Tips
• Helpful Links
• HIPAA Forms and Links
• Model Forms and Templates
• Newsletters
• Other Publications
• Patient Education
• Referrals to Consultants/Vendors

COPIC offers the following forms and checklists for your use in implementing the HIPAA Privacy Rules. While these forms and checklists are likely to be among the more frequently used for HIPAA compliance, they do not represent a total compliance solution to the HIPAA privacy regulations. Additional forms and checklists will be necessary for you to fully implement the requirements of the HIPAA Privacy Rules. Although COPIC is confident that the forms and checklists provided here comply with HIPAA and will be helpful in your implementation efforts, other versions of these forms and checklists may also satisfy the requirement of the rules. These forms and information are intended to supplement or provide alternatives to consider with respect to the overall HIPAA compliance program you have selected to guide your compliance efforts.

On December 3, 2002, the HHS Office for Civil Rights (the federal agency overseeing HIPAA compliance) issued OCR Guidance Explaining Significant Aspects of the Privacy Rule. This document is not a comprehensive solution to HIPAA compliance, but it is a helpful manual to understanding and complying with the Privacy Rules. You may find it online at www.hhs.gov/ocr/hipaa/privacy.html.

Since HIPAA is a new program, without much in the way of precedent or experience to go on, interpretation of the rules and what they require can vary. In addition, the rules are likely to be modified by HHS and may evolve and change as courts and administrators provide their official interpretation. In such an event, COPIC will periodically update these materials as circumstances dictate.

COPIC has identified some vendor solutions (Adobe Acrobat PDF document) that may be helpful to you in designing and implementing a HIPAA compliance program in your practice.

• NOTICE OF PRIVACY PRACTICES. The Notice of Privacy Practices -- English version (MS Word document) or Notice of Privacy Practices -- Spanish version (MS Word document) should be modified to fit the actual privacy policies of your practice. A Notice of Privacy Practices must be distributed to all patients with whom you have a direct treatment relationship the first time that you see them after April 14, 2003.
• ACKNOWLEDGMENT. The Acknowledgment of Privacy Practices -- English version (MS Word document) or Acknowledgment of Privacy Practices -- Spanish version (MS Word document) may be used to satisfy the rule that requires you to make a good faith effort to obtain written acknowledgment that your patient has received your practice's Notice of Privacy Practices.
• AUTHORIZATION. The Authorization -- English MSWord version or Authorization -- Spanish MS Word version may be used when the rules require an Authorization to release protected health information.
• CHECKLIST FOR RESPONSE BY PROVIDERS RE: REQUESTS FOR ACCESS. This checklist (MS Word document) may be used as a guide for implementing the patient's right to access, inspect, and copy the designated record set. The HIPAA Privacy Rules grant patients the right to access, inspect, and copy the designated record set. The designated record set is the group of medical records and billing records about individuals maintained by or for a covered health care provider to make decisions about such individuals.
• CHECKLIST FOR RESPONSE BY PROVIDERS RE: REQUEST TO AMEND. This checklist (MS Word document) may be used as a guide for implementing the patient's right to request amendments to their own protected health information.
• SAMPLE LETTER DENYING REQUEST TO AMEND. The sample letter -- English version (MS Word document) or sample letter -- Spanish version (MS Word document) may be used to deny a patient's request to amend their protected health information.
• MODEL BUSINESS ASSOCIATE CONTRACT. This template Business Associate Agreement (MS Word document) closely follows the Business Associate Agreement recommended by the Department of Health and Human Services and may be used to implement the requirement that covered health care providers obtain written satisfactory assurances from their business associates. NOTE: If you are COPIC insured, COPIC has provided you with a signed Business Associate Agreement that satisfies your duty to obtain written assurances from COPIC, one of your business associates. Therefore, you do not need to prepare an Agreement to cover our Business Associate relationship with you.