HIPAA Compliance Resources
Free guides, templates, and tools to help San Diego healthcare providers understand and maintain HIPAA compliance with current federal and California state requirements.
Key HIPAA Requirements 2025
Understanding the four core areas of HIPAA compliance for healthcare providers.
- Notice of Privacy Practices (NPP) distribution and acknowledgment
- Minimum necessary use and disclosure of PHI
- Patient rights: access, amendment, accounting of disclosures
- Privacy Officer designation and training requirements
- Annual security risk assessment and remediation
- Access controls and user authentication (unique IDs, emergency access)
- Encryption of PHI at rest and in transit
- Audit controls, integrity controls, and transmission security
- Breach risk assessment within 60 days of discovery
- Individual notification within 60 days for breaches affecting 500+ individuals
- HHS notification via breach portal (immediately for 500+, annually for <500)
- Media notification for breaches affecting 500+ residents in same state/jurisdiction
- Written Business Associate Agreements (BAAs) before PHI disclosure
- Due diligence on subcontractor compliance and security practices
- Regular review of BA performance and security incidents
- Termination procedures for non-compliant business associates
Downloadable Guides & Templates
Free, practical resources you can download and use immediately in your practice.
Whitepapers & In-Depth Guides
Comprehensive resources for understanding HIPAA compliance in depth.
HIPAA Compliance for Small Practices
Practical guide for small healthcare practices to achieve HIPAA compliance on a budget, covering essential policies, procedures, and affordable security measures.
Healthcare Cybersecurity in 2025
Analysis of current cybersecurity threats to healthcare organizations including ransomware, phishing, and insider threats, with concrete prevention strategies.
Telehealth & HIPAA Compliance
Complete guide to HIPAA-compliant telehealth including platform selection, patient consent, emergency exceptions, and California-specific requirements.
Cloud Storage & PHI Security
Understanding Business Associate Agreements with cloud providers, encryption requirements, access controls, and compliance best practices.
Tools & Calculators
Interactive tools to help you assess and manage HIPAA compliance.
HIPAA Compliance Calculator
Estimate the time and resources needed to achieve HIPAA compliance based on your practice size and current state.
Compliance Calendar
Track HIPAA training schedules, annual risk assessments, policy reviews, and other compliance deadlines.
Vendor Assessment Tool
Evaluate potential business associates and technology vendors for HIPAA compliance readiness and BAA requirements.
Security Checklist App
Mobile-friendly tool to conduct regular security checks, document safeguards, and track remediation activities.
Video Library
Watch short, informative videos on key HIPAA compliance topics.
Video Resources Coming Soon
We're creating a library of video tutorials covering essential HIPAA compliance topics for San Diego healthcare providers. Check back soon or contact us for in-person training.
Official HIPAA & Healthcare Resources
Links to official government and industry resources for HIPAA compliance and California healthcare regulations.
HHS Office for Civil Rights (OCR)
Official HIPAA enforcement agency providing guidance, breach portal, complaint filing, and compliance resources
Visit hhs.gov/hipaa →
HIPAA Security Rule Guidance
Technical safeguards, administrative procedures, and physical security requirements from HHS
Visit hhs.gov/hipaa/for-professionals/security →
California Department of Public Health
State healthcare regulations, licensing requirements, and public health guidance for California providers
Visit cdph.ca.gov →
California Health & Safety Code
State laws governing medical information privacy (CMIA), healthcare facilities, and patient rights in California
Visit leginfo.legislature.ca.gov →
San Diego County Medical Society
Professional organization providing resources, advocacy, and support for San Diego physicians and healthcare providers
Visit sdcms.org →
California Medical Association
Statewide physician organization offering compliance resources, practice management tools, and regulatory guidance
Visit cmadocs.org →
NIST Cybersecurity Framework
Technical security standards and best practices that align with HIPAA security requirements
Visit nist.gov/cyberframework →
NIST HIPAA Security Guidance
Detailed technical guidance on implementing HIPAA Security Rule requirements (NIST SP 800-66)
Visit csrc.nist.gov/hipaa →
Additional Federal Resources
- HHS Breach Notification Rule Guidance
Requirements and procedures for reporting data breaches
- HHS Breach Portal
Report and search publicly reported breaches affecting 500+ individuals
- File a HIPAA Complaint with OCR
Submit complaints about potential HIPAA violations