Data Inventory
This short video, accompanied with some explanatory text, will answer any questions you may have regarding the Data Inventory
It is an annual requirement complete a Data Inventory
To begin to address your data inventory, please select the menu item to your left labeled compliance and select data inventory in the drop-down which follows.
Once you are on the page for the data inventory, look to your upper-right for a blue button that is labeled add inventory.
How to fill the Inventory fields
In the name field, be sure to list any Internet of things devices that have the ability to touch protected health information at any given time.
It does not matter if you are not storing PHI on a local device or server.
If any given device can touch that protected health information, we are simply accounting for it here. Be it company owned or a personally owned device, we're making another notch on our tally.
Under inventory ID: Feel free to put some hash marks in that field. There's a fair chance that this will not apply to you. If you are serializing your hardware, feel free to place inventory IDs in this field.
Estimated Records: You want to lean heavily on the fact that this says estimated. It's a very hard number to list because it is fluid in nature. This is why when completing this field you should give a range starting with zero. The top end of your range would be however many individual records you have the ability to touch with the hardware listed in the first field (Name).
Location: Please type in the city and state where these devices will primarily be touching protected health information.
Location Type: First, please notice the default status of 'physical' is selected. Please ignore this drop down and leave the option of physical as is.
Data Stored: This next answer is real easy. Simply put phi. Protected health information is our largest risk factor and what we are taking steps to protect. Phi is the only answer needed here.
(Instructions for completing the bottom of the form are under the picture)
![]](https://downloads.intercomcdn.com/i/o/gz809w1/1434233295/ec88d3e7c46977f191e92a5798fd/Xnapper-2024-08-08-13_14_37.png?expires=1752810300&signature=6c60e16fc32fc69e6f1ee2405dc348d87a9e844dddb107363231dfe06bbed00f&req=dSQkEst9noNWXPMW1HO4zQaNJuc2qwYsb%2Fbb9801aTHlbLDlboGh3IyPafrZ%0Ay9vf7MYlVF11NDQq%2BQ8%3D%0A)
Risk Level: Please mark risk level as low, as it has no effect anywhere else inside of Accountable and move along in this audit.
Contact Information: The person completing this audit will want to list their email, their first name and their last name.
Finalizing: Click create inventory to save your work and be done with this audit until it requires completion in a year's time.
✅ Check out further examples of articles we have on the HIPAA compliance process. For example, there's this article on how to report an incident
❓ Still have questions? Please email us! We are happy to help!