• Online, Self-Paced
  • Classroom
  • Online, Instructor-Led
Course Description

This course in an annual briefing on the impact of HIPAA, HITECH, Omnibus on Research Organizations and Activities. This is recommended for all employees of Research Organizations and Activities having access to protected health information (PHI) and who need awareness training in HIPAA privacy and security rules. Targeted audience For HIPAA purposes “Research” is defined as: any systematic investigation (including research development, testing, and evaluation) that has as its primary purpose the development of, or contribution to, generalizable knowledge. This is intended to cover human subject research involving IIHI, not research on data that have been de-identified in accordance with 45 CFR 164.502(d), and 164.514(a)-(c), example a university that conducts human subject research projects, an independent research organization, medical schools, laboratories doing research, pharmaceutical companies and others.

Learning Objectives

  • Refresher on HIPAA
    • Definition: Health information
    • Health Information: Sets and Subsets
    • Covered Entities
    • Business Associates
    • Contracting Arrangements
    • Information Covered: Privacy Rule
    • Information Covered: Security Rule
    • Minimum Necessary
    • HIPAA Security Rule – Overview
    • Administrative Standards
    • Additional Standards
    • Rules for the BA’s
    • Business Associate Agreements
    • Business Associate: BA Agreements
    • Civil Penalties
    • Criminal Penalties
  • HIPAA Entity Close-up: Research Organizations and Activities
    • HIPAA Entity: Research Activities
    • Examples of potential exposures:
    • Examples of required steps and possible solutions:
    • Points to remember
  • Yesterday: Review: Breaches & Fines
    • Previous Breaches & Fines
    • Lessons – Learned?
    • Ramifications
    • Documentation
    • Event Response & Risk Assessment
  • Tomorrow: What the Future May Hold
    • Audits: Planned Approach & Expectations
    • Outcomes and Trends
  • Summary
  • Next Steps

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.