Included in the download are the following documents:

  • About Section 1.E. Standards Overview and Implementation Guide: A guide for implementing Legal Requirement standards and specific key tips your CARF survey.
  • Records of the Persons Served-Hard Copy/Paper: A comprehensive policy and procedures for hard/copy paper records. Includes storage, documentation, use, security, retention and destruction.
  • Confidential Information Dissemination Policy and Procedures: Covers all the key areas for security and confidentiality of disseminating protected health information.
  • Responding to Legal Action Policy and Procedures: Detailed step-by-step procedures for dealing with a variety of legal requests for information, including all areas required by the CARF standards.
  • Electronic Communication and Mobile Device Policy: Addresses organizational requirements for communications via electronic devices. Includes organizational communication monitoring, personal use of organizational email and messaging systems, use of organization-owned and personnel-owned mobile devices, and retention of email.
  • Internet Use Policy: Addresses organizational parameters for use of employment internet access, appropriate personal use, inappropriate personal use, and organizational controls.
  • Organizational Administrative Records Policy: Provides methods to manage hard copy and electronic records in maintaining an organization’s historical operational process and legal requirements. Defines 10 classifications of records and outlines retention classifications and schedules.
  • Independent Contractor and Visitor Access Policy: Covers legal security and confidentiality issues related to access of an organization’s physical environment(s). Provides step-by-step procedures for onsite visitation and access.
  • Electronic Communications Audit Policy: Policy authorizes and describes organizational of all electronic systems, devices and removal media used are in conformance with the written use and security procedures of the organization through conducting audits of configuration and usage.
  • Retention of Electronic Records Policy: Covers standard practices in the retention of electronic records.
  • Removable Electronic Media Policy: Covers an area that is typically the most vulnerable aspect for organizations in the control and security of electronic data and information; removable media devices such as USB flash drives, external hard drives, etc. Includes clear and detailed parameters for use.
  • Wireless Communication Policy: Covers the use and configuration aspects related to security of information for internal wireless systems, and the requirements for use of external wireless systems in accessing an internal electronic network.
  • Electronic Network Device and Removal Media Password Policy: Covers the requirements for setting up and using passwords required within many of the previous electronic policies and procedures.
  • Employee/Contractor Electronic Information and Data Communications Agreement/Form: An orientation checklist and signature form to ensure employees are in agreement with organizational electronic information, data, and communications policy, and manage organizational risk associated with potential employee misconduct in this area.


All downloads are in Microsoft Word format for easy editing.

63 Total Pages/14 Documents