• Classroom
  • Online, Instructor-Led
  • Online, Self-Paced

This course in an annual briefing on the impact of HIPAA, HITECH, Omnibus on Research Organizations and Activities. This is recommended for all employees of Research Organizations and Activities having access to protected health information (PHI) and who need awareness training in HIPAA privacy and security rules. Targeted audience For HIPAA purposes “Research” is defined as: any systematic investigation (including research development, testing, and evaluation) that has as its primary purpose the development of, or contribution to, generalizable knowledge. This is intended to cover human subject research involving IIHI, not research on data that have been de-identified in accordance with 45 CFR 164.502(d), and 164.514(a)-(c), example a university that conducts human subject research projects, an independent research organization, medical schools, laboratories doing research, pharmaceutical companies and others.

Learning Objectives

  • Refresher on HIPAA
    • Definition: Health information
    • Health Information: Sets and Subsets
    • Covered Entities
    • Business Associates
    • Contracting Arrangements
    • Information Covered: Privacy Rule
    • Information Covered: Security Rule
    • Minimum Necessary
    • HIPAA Security Rule – Overview
    • Administrative Standards
    • Additional Standards
    • Rules for the BA’s
    • Business Associate Agreements
    • Business Associate: BA Agreements
    • Civil Penalties
    • Criminal Penalties
  • HIPAA Entity Close-up: Research Organizations and Activities
    • HIPAA Entity: Research Activities
    • Examples of potential exposures:
    • Examples of required steps and possible solutions:
    • Points to remember
  • Yesterday: Review: Breaches & Fines
    • Previous Breaches & Fines
    • Lessons – Learned?
    • Ramifications
    • Documentation
    • Event Response & Risk Assessment
  • Tomorrow: What the Future May Hold
    • Audits: Planned Approach & Expectations
    • Outcomes and Trends
  • Summary
  • Next Steps

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@hq.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.