Health IT Security Proficiency
- 2.5 hours on-demand video
- 1 article
- 16 downloadable resources
- Full lifetime access
- Access on mobile and TV
- Certificate of Completion
- Describe the requirements of the HIPAA Privacy Rule and Security Rule, the HITECH Act and the Omnibus Final Rule
- Explain the many changes that have occurred in both federal privacy regulations and the Health IT market since 2009
- Demonstrate understanding of the regulations and special challenges that face Business Associates
- Create a compliance program based on three fundamentals: the Security Risk Analysis, updated policies and procedures, and training
- Secure a medical organization or Business Associate from data breaches
- Prepare for a government audit or breach investigation by understanding the requirements and protocols of each
- Implement new policies and procedures and other documentation, with an understanding of new federal requirements for documentation
- Create a HIPAA awareness and training program
- Demonstrate knowledge of regulatory complexity, including other federal laws and state privacy laws
- Show a pragmatic understanding of how to protect data, whether as an IT specialist, practice manager, or compliance officer
- Implement encryption to protect against data breaches
- Demonstrate knowledge of PCI DSS, the industry requirement for protecting credit card data
- Implement best practices for IT security for all members of the workforce
- Students need no previous training in HIPAA or security to complete this course.
This course provides comprehensive training in health IT security for IT Professionals, Security Officers, and Medical Staff Managers. Detailed lessons describe every aspect of federal privacy compliance, including the HIPAA Privacy and Security rules, regulatory changes brought by the HITECH Act and Omnibus Final Rule of 2013, requirements for Business Associates, and more. Lessons also describe PCI DSS requirements for protecting payment card security, along with encryption strategies. The program is presented through self-paced online lessons, multimedia reviews, and assessments, culminating in a final exam.
Module titles within this course include:
* An Overview of HIPAA
* The HIPAA Privacy Rule
* The HIPAA Security Rule
* Business Associate Regulations
* The HITECH Act and Omnibus Final Rule of 2013
* HIPAA Data Breaches and Penalties
* HIPAA Audits and Enforcement
* HIPAA Policies, Procedures, Awareness, and Training
* Compliance with Multiple Regulations
* Security Responsibilities for IT Managers and Privacy Officers
* Applied HIPAA Security for Healthcare Professionals
* An Introduction to Credit Card Security
* Understanding Payment Cards
* Best Practices for Payment Card Security
* Encryption for Healthcare Environments
* Why Protecting Healthcare Data is Important
Average course length: 8 hours
- This HIPAA course is meant for Business Associates, IT staff, doctors, administrators, and other staff who must help to ensure the compliance of their organization.
This lecture provides an overview of the Health Insurance Portability and Accountability Act (HIPAA). It defines key terms, including Protected Health Information (PHI), Covered Entities, and Business Associates. It also describes HIPAA penalties and enforcement.
This lecture describes the Privacy Rule, the section of HIPAA that protects patient health information. The lecture also explains the requirements of patient disclosure of information, the “minimum necessary” principle, and the requirement that medical practices provide patients with a Notice of Privacy Practices (NPP).
This lecture describes the Security Rule, the section of HIPAA that specifies safeguards for the protection of patient information, especially PHI in electronic form. These standards are made up of Technical, Physical, and Administrative safeguards. These safeguards are designed to ensure the Confidentiality, Integrity, and Availability (CIA) of patient data.
This lecture provides a brief overview of the HIPAA regulations for Business Associates, including who qualifies as a Business Associate. It also describes the requirement that all Business Associates sign agreements with Covered Entities and with their own subcontractors.
HIPAA was extensively modified by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. This lecture provides an overview of how the HITECH Act increased civil penalties, strengthened breach notification requirements, exempted encrypted data from breach reporting, and required Business Associates to comply with HIPAA to the same extent as Covered Entities. It also describes regulatory changes that came about through the HIPAA Omnibus Final Rule of 2013.
This lecture provides a detailed description of the regulations that govern breach reporting. It explains what constitutes a breach, which parties must be informed, the exemption of encrypted data from breach reporting, and the special requirements that apply to breaches of 500 or more patient records. It also describes the penalties that an organization may incur for data breaches, depending on the severity and cause of the breach.
This lecture explains the requirements for HIPAA-compliant policies and procedures, with guidance on how these should be formulated. It also explains that all personnel who come into contact with PHI must complete HIPAA training on at least an annual basis, and it outlines the requirements for HIPAA awareness programs.
This lecture describes how organizations that must comply with HIPAA also must comply with other laws, increasing regulatory complexity. These other laws include privacy protection laws at the state level, PCI DSS security standards for credit card transactions, the Gramm-Leach-Bliley Act, the Sarbanes-Oxley Act, and more.