HIPAA Privacy Policy

HIPAA Compliance Update

and Archive Policy

Prepared By:
ABYDE

Prepared For:

JSTS PLLC dba Reed Optical

63 Pleasant Street

Claremont, NH 03743

603-543-3125

HIPAA Compliance Update and Archive Policy

Section 164.316(b)(2)(i)

PURPOSE
The purpose of implementing the following HIPAA Compliance Update and
Archive Policy is to ensure JSTS PLLC dba Reed Optical properly updates and
archives all documentation pertaining to HIPAA compliance.

POLICY
JSTS PLLC dba Reed Optical must retain the following documentation for at
least six years from the date of its creation or the date when it last was in effect,
whichever is later.

• A written or electronic record of a designation of an organization as a CE (e.g., health plan, affiliated covered entity, etc.) or BA
• All patient’s Protected Health Information or medical records
• Information security and privacy policies and procedures implemented to comply with HIPAA
• All documented settings, activities and assessments required by HIPAA
• All data use agreements and other forms supporting HIPAA compliance
• All signed authorizations and, where applicable, written acknowledgements of receipt of the notice or documentation of good faith efforts to obtain such written acknowledgements
• The Notice of Privacy Practices for entities that must provide them
• Designated record sets that are subject to access by individuals
• Documentation of the titles of the persons or offices responsible for HIPAA compliance, including not only those with overall responsibility for compliance, but also those responsible for receiving and processing requests for amendments by individuals, and those responsible for receiving and processing requests for an accounting by individuals
• Accounting of disclosures of protected health information (PHI)

In addition to knowing what HIPAA requires for retention, JSTS PLLC dba Reed Optical also understands their other legal requirements for retention, from state, federal, international and contractual requirements.
JSTS PLLC dba Reed Optical also mandates the updating of all HIPAA Compliance documentation at minimum, once per year.

​​​​​​​