Knowledge Base

Included in our Learning Lever, Digital Training Solution:  Free Trial HERE

This course covers the following information:

HIPAA Rules and Compliance: HIPAA and Protected Health Information

• How HIPAA defines "protected health information" (PHI).
  
• The purpose and content of the HIPAA Privacy, Security and Enforcement rules.
  
• The purpose of the GINA and HITECH legislation.
  
• How the final omnibus HIPAA rule integrates GINA and HITECH into the regulation.
  

HIPAA Rules and Compliance: Covered Entities, Business Associates and Subcontractors

• The types of organizations and people that are responsible for protecting health information.
  
• How HIPAA defines "covered entity", "business associate" and "subcontractor".
  
• Examples of each of these three types of organizations and people.
  

HIPAA Rules and Compliance: PHI and Patients' Rights

• The specific rights that HIPAA gives patients regarding their "protected health information".
  
• The purpose and content of a Notice of Privacy Practices (NPP).
  
• The circumstances under which a covered entity may deny a patient access to their PHI.
  
• What a covered entity must do for a patient when it denies them access to their PHI.
  

HIPAA Rules and Compliance: Guidelines for Use and Disclosure of PHI

• How protected health information may be "used" and "disclosed" under HIPAA.
  
• The situations in which PHI is permitted and required to be shared.
  
• How the "minimum necessary" standard restricts the amount of PHI that can be used or disclosed.
  
• The situations when a covered entity does and does not need the patient's permission or signed authorization to share their PHI.
  

HIPAA Rules and Compliance: Using PHI for Marketing and Fundraising

• How "marketing" is defined by the HIPAA Privacy Rule.
  
• When patient permission or signed authorization is and is not required to use or disclose their PHI for marketing purposes.
  
• The types of communications that may make use of patient PHI but are not considered to be "marketing".
  
• When patient PHI may be used or disclosed for fundraising purposes.
  

HIPAA Rules and Compliance: Requirements of the HIPAA Security Rule

• The purpose and content of the HIPAA Security Rule.
  
• How administrative, technical and physical safeguards are used to protect the privacy and integrity of protected health information that is in an electronic form (EPHI).
  
• Examples of administrative, technical and physical safeguards that are used to protect EPHI.
  

HIPAA Rules and Compliance: Breach Notification and Penalties

• What constitutes a "breach" of PHI.
  
• What steps a covered entity must take when a breach may have occurred.
  
• When and under what circumstances patients, the media and the Department of Health and Human Services must be notified of a PHI data breach.
  
• The penalties that HIPAA may impose for breach violations, and who can be subjected to them.