HIPAA Onboarding Checklist
Scroll to the bottom of this page for a PDF of this checklist!
1. Complete Company Information
- Fill out Company info applicable to your organization.
2. Add Administrator
- Add your Admins
3. Add Officers
- List your HIPAA Security and HIPAA Privacy Officer in the Human Resources sections. They will be responsible for implementing your HIPAA policies and act as the first point of contact for any breaches.
4. Add Connections
- Connections are how Vanta pulls data and scans your systems for any gaps applicable to HIPAA controls. Integrate your Task Tracker (e.g., JIRA, Clubhouse, Trello, etc.), so Vanta can assist you in proving incident tracking and reporting. Label tickets with the “security” label, and we do the rest.
1. Create HIPAA-Compliant Policies
Policies make up the framework your company will follow and your auditors will use to ensure you are HIPAA-compliant.
- Create all information security policies
- Create all HIPAA-specific policies
2. Set Up Employee Onboarding
Employees need to be aware of their roles and responsibilities at your company and become familiar with security best practices.
- Determine if you'd like to do your security awareness training through Vanta. If you do, you can use the training video created by our partner, LivingSecurity. Alternatively, you can add the URL to the training you already use.
- Determine your “Background check monitoring start date.”
Note: This is important if you have employees you do not want to background check now.