Certificate in HIPAA Compliance Online Course

Introduction to HIPAA

In our first lesson, we'll lay out the foundation of HIPAA so you'll understand the motivation behind the law. We'll focus specifically on the Administrative Simplification portion of HIPAA and give you a good idea of its goals. As with any law, noncompliance comes at a price. So we'll also take a look at the penalties involved for anyone who ignores HIPAA's requirements.

HIPAA's Major Players: Covered Entities, Business Associates, and Related Organizations

Are you interested in working in a medical or dental office, an insurance company, or a government agency like the Centers for Medicare and Medicaid Services or the Department of Health and Human Services? All of these organizations are subject to HIPAA, and all of them have to work together. In this lesson, you'll learn which groups must comply with HIPAA's rules and standards as they gather and transmit health-related information. By the time we're done with this lesson, you'll know the difference between a covered entity, a business associate, and a trading partner

Transactions, Code Sets, and Identifiers

It's time to put your newfound lingo to use. The overriding goal of HIPAA is to protect personal health information. In this lesson, we'll identify the 12 types of electronic transactions that HIPAA covers. We'll also take a peek at the code sets and identifiers used in these transactions. Transactions, code sets, and identifiers are key to your understanding of HIPAA, and this lesson will put those pieces of the puzzle together.

Introduction to the Privacy Rule

What happens if you or your employer violates the Privacy Rule? Could a court fine you or even send you to jail? And what if the privacy breach was unintentional, and you tried to fix it as soon as you found out—would that have any effect on your punishment? Today we'll answer these questions and many others as we delve into the administrative requirements of the Privacy Rule. You'll find out about civil and criminal penalties for noncompliance and wrongful disclosure of protected health information.

Use and Disclosure of Protected Health Information

Now that you understand the Privacy Rule, we'll take the next step and delve into the requirements for using and disclosing protected health information (PHI). HIPAA has two types of disclosures: required and permitted. At the end of this lesson, you'll understand the difference between the two. Another concept that figures heavily into the entire HIPAA picture is minimum necessary. You'll see how this concept fits neatly into the issue of PHI disclosures.

Patient Rights

Under HIPAA, patients have seven fundamental privacy rights. We'll examine those rights in this lesson. You'll find out what procedures HIPAA requires to ensure that patients can access their own medical information and control how others disclose that information. You'll also see how state laws can expand on HIPAA's provisions.

Introduction to the Security Rule

The Security Rule is the companion to HIPAA's Privacy Rule. In this lesson, we'll turn our attention to the concept of information security. Security has its own key terms, and we'll spend some time on them so you'll be familiar with their meanings. If you don't know the difference between a hacker and a spoofer, you will by the time this lesson is done! We'll also address the various threats that can exist when you electronically handle and transmit protected health information.

Risk Management and the Security Rule Standards

How common are security breaches in the real world, and what effects can they have? As we continue to investigate HIPAA's Security Rule, we'll explore its fundamental approach to addressing security. We'll examine the philosophy and principles behind the Security Rule. Then we'll go over the standards for implementation, and you'll learn which ones are required and which are simply addressable. We'll also examine the frequency and costs of some real-life security breaches, so you'll understand why effective security practices matter so much.

Administrative Safeguards

The Security Rule covers three major areas: administrative safeguards, physical safeguards, and technical safeguards. By the end of today's lesson, you'll understand what administrative safeguards are and how they could affect you at your job

Physical and Technical Safeguards

Continuing the journey into HIPAA's Security Rule, in this lesson, we'll examine the philosophy and principles behind the Security Rule. Then we'll go over the standards for implementation, and you'll learn which ones are required and which are simply addressable. We'll also take a look at some real-life security breaches, which should emphasize the need for good security practices.

Compliance, Rules, and Agreements

We've emphasized how important it is for your organization to comply with HIPAA. But what if one of your business associates fails to comply and leaves your patients' data exposed? In recent years, the federal government has tightened up rules related to business associates and security breaches. In this lesson, we'll explore the rules and laws about compliance and business associates. By the time we're done, you'll understand the basics of a business associate agreement.

HIPAA: Wrapping It Up!

When it's time to begin creating your own policies and procedures to implement HIPAA, it helps to have a framework to follow. And that's what this lesson will give you: a description of the most common frameworks available, so you can choose the one that best suits your organization. We'll also look at some healthcare trends so you'll have an idea of what the future holds for HIPAA.