• Online, Self-Paced
  • Classroom
  • Online, Instructor-Led

This course in an annual briefing on the impact of HIPAA, HITECH, Omnibus on Business Associates. This is recommended for all employees of Business Associates having access to protected health information (PHI) and who need awareness training in HIPAA privacy and security rules. Targeted audience for this Course is any single individual who works or will work in future for any company that offers services or products to healthcare entities, health plans, health insurance providers, or other business associates and will have access to protected health information (PHI), example Medical couriers, Medical billing, Business processing outsourcing (BPO) provider, Document/record storage, Medical transcription services, Insurance brokers (take course designed for insurance brokers), Document disposal (shredding) companies, Answering services, CPAs, Third party administrator (TPA), Software companies, Patient safety or accreditation organizations, Pharmaceutical representatives, e-prescribing gateways and other HIOs, Medical device manufacturers, Pharmacy benefit managers, Collection agencies, Attorneys, Health information exchanges (HIEs), Actuaries, Marketing services, Cleaning services, Asset recyclers, Researchers (if performing HIPAA functions for a covered entity) , Accounting services firm, Auditors, Healthcare consultants, Financial institutions (if engaging in accounts receivable or other functions extending beyond payment processing), Cloud vendors, etc.

Learning Objectives

  • Refresher on HIPAA
    • Definition: Health information
    • Health Information: Sets and Subsets
    • Covered Entities
    • Business Associates
    • Contracting Arrangements
    • Information Covered: Privacy Rule
    • Information Covered: Security Rule
    • Minimum Necessary
    • Required Retention Documentation
    • Civil Penalties
    • Criminal Penalties
    • HIPAA Security Rule – Overview
    • Administrative Standards
    • Additional Standards
    • Rules for the BA’s
    • Business Associate Contracts
  • Business Associate Close-Up: All BA Services and Support Providers
    • Business Associate: BA Agreements
    • Examples of potential exposures:
    • Examples of required steps and possible solutions:
    • Points to remember
  • Yesterday: Review: Breaches & Fines
    • Previous Breaches & Fines
    • Lessons – Learned?
    • Ramifications
    • Documentation
    • Event Response & Risk Assessment
  • Tomorrow: What the Future May Hold
    • Audits: Planned Approach & Expectations
    • Outcomes and Trends
  • Summary
  • Next Steps

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.