HIPAA Privacy Compliance Audit Checklist

Comprehensive HIPAA Privacy Rule compliance audit to assess protected health information safeguards and organizational privacy practices.

  • Industry: Healthcare
  • Frequency: Annual / As needed
  • Estimated Time: 2-4 hours
  • Role: Privacy Officer/Compliance
  • Total Items: 48
  • Compliance: HIPAA Privacy Rule, 45 CFR 164.500-534, HHS OCR Guidance

Notice of Privacy Practices

NPP requirements

  • NPP current and up to date?
  • NPP posted in prominent locations?
  • NPP provided to patients at first service?
  • Good faith effort to obtain acknowledgment?

Patient Rights

Individual rights compliance

  • Patient access to PHI honored within 30 days?
  • Amendment request process in place?
  • Accounting of disclosures available?
  • Restriction requests considered?
  • Confidential communication requests accommodated?

Minimum Necessary Standard

Limiting PHI use and disclosure

  • Minimum necessary policies exist?
  • Access based on job role?
  • Routine disclosures limited appropriately?

Authorizations

Valid authorization requirements

  • Authorizations contain all required elements?
  • Authorizations not expired?
  • Revocations honored?

Workforce Training

Privacy training requirements

  • Initial privacy training provided?
  • Ongoing privacy training provided?
  • Training documented?

Sanctions & Complaints

Enforcement mechanisms

  • Sanction policy in place?
  • Complaint process established?
  • Non-retaliation policy in place?

Pre-Assessment Information

Initial assessment documentation and patient/facility identification

  • Assessor Name / Credentials
  • Assessment Date
  • Department / Unit
  • Assessment Type (Routine/Annual/Complaint)
  • Previous assessment findings reviewed?

Infection Prevention & Control

Verify infection control practices per CDC and Joint Commission standards

  • Hand hygiene compliance observed?
  • Appropriate PPE available and properly used?
  • Isolation precautions properly implemented?
  • Sharps containers available and not overfilled?
  • High-touch surfaces properly disinfected?

Patient Safety & Identification

Verify patient safety protocols and identification procedures

  • Two patient identifiers used before procedures?
  • Fall risk assessment completed?
  • Call light within patient reach?
  • Bed in lowest position with brakes locked?

Medication Safety & Management

Verify medication handling and administration practices

  • Medications stored securely and at proper temperature?
  • Controlled substances properly secured and counted?
  • No expired medications in stock?
  • High-alert medications properly labeled?

Environment of Care & Safety

Verify facility environment meets safety standards

  • Fire exits clear and unobstructed?
  • Emergency equipment functional and accessible?
  • Spill kits available and stocked?
  • Electrical cords and outlets in safe condition?

Documentation & Regulatory Compliance

Complete assessment documentation and ensure regulatory compliance

  • All findings documented with evidence?
  • Corrective actions assigned with timeline?
  • Staff education provided on identified issues?
  • Assessor Signature
  • Additional Observations
