Introduction to HIPAAThe first lesson will lay out the foundation of HIPAA so that you'll understand the motivation behind the law. It will focus specifically on the Administrative Simplification portion of HIPAA and give you a good idea of its goals. As with any law, noncompliance comes at a price, so you'll also take a look at the penalties involved for anyone who ignores HIPAA's requirements.
HIPAA's Major Players: Covered Entities, Business Associates, and Related OrganizationsAre you interested in working in a medical or dental office, an insurance company, or a government agency like the Centers for Medicare and Medicaid Services or the Department of Health and Human Services? All of these organizations are subject to HIPAA, and all of them have to work together. In this lesson, you'll learn which groups must comply with HIPAA's rules and standards as they gather and transmit health-related information. By the time you're done with this lesson, you'll know the difference between a covered entity, a business associate, and a trading partner.
Transactions, Code Sets, and IdentifiersIt's time to put your newfound lingo to use. The overriding goal of HIPAA is to protect personal health information. In this lesson, you'll identify the 12 types of electronic transactions that HIPAA covers. You'll also take a peek at the code sets and identifiers used in these transactions. Transactions, code sets, and identifiers are key to your understanding of HIPAA, and this lesson will put those pieces of the puzzle together.
Introduction to the Privacy RuleWhat happens if you or your employer violates the Privacy Rule? Could a court fine you or even send you to jail? What if the privacy breach was unintentional, and you tried to fix it as soon as you found out? Would that have any effect on your punishment? In this lesson, you'll answer these questions and many others as you delve into the administrative requirements of the Privacy Rule. You'll find out about civil and criminal penalties for noncompliance and wrongful disclosure of protected health information.
Use and Disclosure of Protected Health InformationNow that you understand the Privacy Rule, you'll take the next step and delve into the requirements for using and disclosing protected health information (PHI). HIPAA has two types of disclosures: required and permitted. At the end of this lesson, you'll understand the difference between the two. Another concept that figures heavily into the entire HIPAA picture is minimum necessary. You'll see how this concept fits neatly into the issue of PHI disclosures.
Patient RightsUnder HIPAA, patients have seven fundamental privacy rights. You'll examine those rights in this lesson and find out what procedures HIPAA requires to ensure that patients can access their own medical information and control how others disclose that information. You'll also see how state laws can expand on HIPAA's provisions.
Introduction to the Security RuleThe Security Rule is the companion to HIPAA's Privacy Rule. In this lesson, you'll turn your attention to the concept of information security. Security has its own key terms, and you'll spend some time on them so that you'll be familiar with their meanings. If you don't know the difference between a hacker and a spoofer, you will by the time this lesson is done! The lesson will also address the various threats that can exist when you electronically handle and transmit protected health information.
Risk Management and the Security Rule StandardsHow common are security breaches in the real world, and what effects can they have? As you continue to investigate HIPAA's Security Rule, you'll explore its fundamental approach to addressing security. You'll examine the philosophy and principles behind the Security Rule, then go over the standards for implementation and learn which ones are required and which are simply addressable. You'll also examine the frequency and costs of some real-life security breaches, which will help you understand why effective security practices matter so much.
Administrative SafeguardsThe Security Rule covers three major areas: administrative safeguards, physical safeguards, and technical safeguards. By the end of this lesson, you'll understand what administrative safeguards are and how they could affect you at your job.
Physical and Technical SafeguardsContinuing the journey into HIPAA's Security Rule, in this lesson, you'll examine the philosophy and principles behind the Security Rule. You'll go over the standards for implementation and learn which ones are required and which are simply addressable. You'll also take a look at some real-life security breaches, which should emphasize the need for good security practices.
Compliance, Rules, and AgreementsThe previous lessons emphasized how important it is for your organization to comply with HIPAA, but what if one of your business associates fails to comply and leaves your patients' data exposed? In recent years, the federal government has tightened up rules related to business associates and security breaches. In this lesson, you'll explore the rules and laws about compliance and business associates. By the time you're done, you'll understand the basics of a business associate agreement.
HIPAA: Wrapping It Up!When it's time to begin creating your own policies and procedures to implement HIPAA, it helps to have a framework to follow. That's what this lesson will give you: a description of the most common frameworks available so that you can choose the one that best suits your organization. You'll also look at some healthcare trends so that you'll have an idea of what the future holds for HIPAA.