HIPAA Compliance

About This Course

Are you a health care professional or considering a career in the health care industry? Do you provide products or services to a health care organization? If the answer to either of these questions is yes, then it's mandatory that you understand the requirements of HIPAA, ARRA, AND HITECH compliance. This groundbreaking legislation requires all health care professionals to take careful steps to protect private information. But what exactly does HIPAA, ARRA, and HITECH require?

In this course, we'll demystify the compliance process. We'll focus specifically on the Administrative Simplification portion of HIPAA, ARRA, and HITECH, starting by defining the lingo of HIPAA, ARRA, and HITECH and identifying the important players. Then we'll cover transactions, code sets, and identifiers, which are all key elements in electronic health care transmissions.

We'll use real-world examples to help explain the Privacy Rule, which governs patient rights, disclosure of protected health information (PHI), business associates, and many other relationships within the health care industry. Since computers are an integral part of health care these days, we'll see how they fit into the Security Rule. We'll also examine administrative safeguards, physical safeguards, technical safeguards, and policy and procedure creation—all of which are crucial components of the Security Rule.

By the time you finish this course, you'll be confident and capable of implementing HIPAA, ARRA, and HITECH's requirements in your own organization. If you're just starting your career in the health care field, you'll have a priceless addition to your resume.

About The Instructor

This course includes a knowledgeable and caring instructor who will guide you through your lessons, facilitate discussions, and answer your questions. The instructor for this course will be Carline Dalgleish.

Carline Dalgleish has worked in healthcare administration and education for more than 30 years, starting as a file clerk in the Army/Air Force American Hospital in Nuremberg, Germany on a work-study program. She began her career on the clinical side of healthcare as a Licensed Vocational Nurse (LVN) and Emergency Medical Technician (EMT), but she soon gravitated toward the administrative medical management side—specializing in medical billing and coding, health information management, and HIPAA. She has a bachelor’s degree and a master’s degree and will soon be certified as a Registered Health Information Administrator (RHIA). She is an AHIMA-Approved ICD-10-CM/PCS Trainer and is writing a textbook on the topic. She has taught a variety of healthcare administration courses and owns her own education services company.

Syllabus

A new section of each course starts monthly. If enrolling in a series of two or more courses, please be sure to space the start date for each course at least two months apart.

Week 1

Wednesday - Lesson 01

In our first lesson, we'll lay out the foundation of HIPAA so you'll understand the motivation behind the law. We'll focus specifically on the Administrative Simplification portion of HIPAA and give you a good idea of its goals. As with any law, noncompliance comes at a price. So we'll also take a look at the penalties involved for anyone who ignores HIPAA's requirements.

Friday - Lesson 02

HIPAA has a language all its own. To truly grasp the scope of the law, it's important that you become familiar with HIPAA's lingo and also its players—the various organizations involved in setting HIPAA standards. And that's what we'll work on in this lesson. By the time you finish, you'll understand HIPAA's jargon and be able to untangle its acronyms.

Week 2

Wednesday - Lesson 03

It's time to put your newfound lingo to use. The overriding goal of HIPAA is to protect personal health information. In this lesson, we'll identify the 12 types of electronic transactions that HIPAA covers. We'll also take a peek at the code sets and identifiers used in these transactions. Transactions, code sets, and identifiers are key to your understanding of HIPAA, and this lesson will put those pieces of the puzzle together.

Friday - Lesson 04

The Privacy Rule is another key element of HIPAA, and it has some core requirements. When you finish this lesson, you'll have a good understanding of those requirements as well as an overview of the Privacy Rule's relationship to other privacy laws. Privacy breaches can have far-reaching consequences, so we'll take a look at some examples to help emphasize the value of the Privacy Rule.

Week 3

Wednesday - Lesson 05

Now that you understand the Privacy Rule, we'll take the next step and delve into the requirements for using and disclosing protected health information (PHI). HIPAA has two types of disclosures: required and permitted. At the end of this lesson, you'll understand the difference between the two. Another concept that figures heavily into the entire HIPAA picture is minimum necessary. You'll see how this concept fits neatly into the issue of PHI disclosures.

Friday - Lesson 06

Under HIPAA, patients have seven fundamental privacy rights. And those rights are what we'll be examining in this lesson. You'll learn that included in HIPAA are careful steps to make sure patients have access to their own medical information and control over how it's disclosed. You'll also see how state laws can expand on HIPAA's provisions.

Week 4

Wednesday - Lesson 07

The health care industry doesn't operate in a vacuum. Health care entities provide services through a network of relationships with other entities. We'll focus on those relationships in this lesson. We'll examine business relationships and learn how to recognize their differences. We'll also take a closer look at the business associate relationship from the perspective of contracts and liability.

Friday - Lesson 08

The Security Rule is the companion to HIPAA's Privacy Rule. In this lesson, we'll turn our attention to the concept of information security. Security has its own key terms, and we'll spend some time defining them so you'll be familiar with their meaning. We'll also address the various threats that exist when we electronically handle and transmit protected health information.

Week 5

Wednesday - Lesson 09

Continuing the journey into HIPAA's Security Rule, in this lesson, we'll explore the Security Rule's fundamental approach to addressing security. We'll examine the philosophy and principles behind the Security Rule. Then we'll go over the standards for implementation, and you'll learn which ones are required and which are simply addressable. We'll also take a look at some real-life security breaches, which should emphasize the need for good security practices.

Friday - Lesson 10

The Security Rule covers three major areas: administrative safeguards, physical safeguards, and technical safeguards. In this lesson, we'll focus on administrative safeguards. By the end of the lesson, you'll understand that administrative safeguards are actions, policies, and procedures designed to manage your security choices.

Week 6

Wednesday - Lesson 11

In this lesson, we'll look at the physical and technical safeguards component of the Security Rule. We'll dig into their various standards and implementation specifications so you can see how they apply to your own organization. We'll also talk a bit about how the Security Rule and the Privacy Rule overlap.

Friday - Lesson 12

When it's time to begin creating your own policies and procedures to implement HIPAA, it helps to have a framework to follow. And that's what this lesson will give you: a description of the most common frameworks available to best suit you. We'll also look at some health care trends so you'll have an idea of what the future holds for HIPAA.

Requirements

Internet access, e-mail, the Microsoft Internet Explorer or Mozilla Firefox Web browser, and the Adobe Flash and PDF plug-ins (two free and simple downloads you obtain at http://www.adobe.com/downloads by clicking Get Adobe Flash Player and Get Adobe Reader).