DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice. All information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.
The HIPAA Privacy Rule contains a documentation requirement.
As part of this requirement, a covered entity must maintain its policies and procedures in written or electronic form. A covered entity must maintain all required documentation (which includes its policies and procedures, and any communications or actions the HIPAA Privacy Rule requires to be in writing) for six years from the date of its creation or the date it was last in effect, whichever is later.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article