What is the HIPAA Privacy Rule Documentation Requirement?

Modified on Tue, 13 Feb at 6:02 PM

DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice. All information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.

The HIPAA Privacy Rule contains a documentation requirement. 

As part of this requirement, a covered entity must maintain its policies and procedures in written or electronic form. A covered entity must maintain all required documentation (which includes its policies and procedures, and any communications or actions the HIPAA Privacy Rule requires to be in writing) for six years from the date of its creation or the date it was last in effect, whichever is later.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article