• Online, Self-Paced
  • Classroom
  • Online, Instructor-Led
Course Description

This course in an annual briefing on the impact of HIPAA, HITECH, Omnibus on Group Health Plans. This is recommended for all employees of health plan having access to protected health information (PHI) and who need awareness training in HIPAA privacy and security rules. Targeted audience for this Course is any single individual who works in the HR benefits staff for an organization involved in sponsoring and managing group health plan benefits for its employees, example HR benefits staff for employers who sponsor group health plans (self-insured and fully insured) for their employees such as medical health plans, dental, vision, flexible spending accounts, etc.

Learning Objectives

  • HIPAA Titles and Their Relationships
    • Definitions: PRIVACY & Security Objectives
    • Definition: Health information
    • Definition: Identifiers
    • Definition: Health Information
    • Health Information: Sets and Subsets
    • Information Covered: Privacy Rule
    • Information Covered: Security Rule
    • Minimum Necessary
    • Before PHI is Used or Disclosed
    • Required Retention Documentation
    • Civil Penalties
    • Criminal Penalties
  • HIPAA Security Rule – Overview
    • Administrative Standards
    • Additional Standards
    • Covered Entities
    • Business Associates
    • Contracting Arrangements
    • Rules for the BA’s
    • Business Associate Agreements
  • Agenda - Provider Close-Up: Group Healthplans
    • Provider:  Group Healthplans
    • Authorization versus Consent
    • Permissible Activities
    • Authorization Requirements
    • Defective Authorizations
    • Permissible Activities and Patient Options
  • Agenda - The Year in Review:  Investigations and Breaches
    • Breach Notification Requirements
    • Examples of Breaches
    • 2015: Breaches & Fines
    • 2017:  Recent Healthplan Breaches
    • Lessons – Learned?
    • Ramifications
  • Agenda - Today:  Where Attention is Needed
    • Documentation
    • Event Response & Risk Assessment
    • Quick Review
  • Agenda - Tomorrow:  What the Future May Hold
  • Summary
  • Next Steps

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Incident Response
  • Training, Education, and Awareness
  • Risk Management