HIPAA Compliance

A new section of each course starts monthly. If enrolling in a series of two or more courses, please be sure to space the start date for each course at least two months apart.

All courses run for six weeks, with a two-week grace period at the end. Two lessons are released each week for the six-week duration of the course. You do not have to be present when lessons are released. You will have access to all lessons until the course ends. However, the interactive discussion area that accompanies each lesson will automatically close two weeks after the lesson is released. As such, we strongly recommend that you complete each lesson within two weeks of its release.

The final exam will be released on the same day as the last lesson. Once the final exam has been released, you will have two weeks to complete all of your course work, including the final exam.

Lesson 1
In our first lesson, we'll lay out the foundation of HIPAA so you'll understand the motivation behind the law. We'll focus specifically on the Administrative Simplification portion of HIPAA and give you a good idea of its goals. As with any law, noncompliance comes at a price. So we'll also take a look at the penalties involved for anyone who ignores HIPAA's requirements.

Lesson 2
HIPAA has a language all its own. To truly grasp the scope of the law, it's important that you become familiar with HIPAA's lingo and also its players?the various organizations involved in setting HIPAA standards. And that's what we'll work on in this lesson. By the time you finish, you'll understand HIPAA's jargon and be able to untangle its acronyms.

Lesson 3
It's time to put your newfound lingo to use. The overriding goal of HIPAA is to protect personal health information. In this lesson, we'll identify the 12 types of electronic transactions that HIPAA covers. We'll also take a peek at the code sets and identifiers used in these transactions. Transactions, code sets, and identifiers are key to your understanding of HIPAA, and this lesson will put those pieces of the puzzle together.

Lesson 4
The Privacy Rule is another key element of HIPAA, and it has some core requirements. When you finish this lesson, you'll have a good understanding of those requirements as well as an overview of the Privacy Rule's relationship to other privacy laws. Privacy breaches can have far-reaching consequences, so we'll take a look at some examples to help emphasize the value of the Privacy Rule.

Lesson 5
Now that you understand the Privacy Rule, we'll take the next step and delve into the requirements for using and disclosing protected health information (PHI). HIPAA has two types of disclosures: required and permitted. At the end of this lesson, you'll understand the difference between the two. Another concept that figures heavily into the entire HIPAA picture is minimum necessary. You'll see how this concept fits neatly into the issue of PHI disclosures.

Lesson 6
Under HIPAA, patients have seven fundamental privacy rights. And those rights are what we'll be examining in this lesson. You'll learn that included in HIPAA are careful steps to make sure patients have access to their own medical information and control over how it's disclosed. You'll also see how state laws can expand on HIPAA's provisions.

Lesson 7
The health care industry doesn't operate in a vacuum. Health care entities provide services through a network of relationships with other entities. We'll focus on those relationships in this lesson. We'll examine business relationships and learn how to recognize their differences. We'll also take a closer look at the business associate relationship from the perspective of contracts and liability.

Lesson 8
The Security Rule is the companion to HIPAA's Privacy Rule. In this lesson, we'll turn our attention to the concept of information security. Security has its own key terms, and we'll spend some time defining them so you'll be familiar with their meaning. We'll also address the various threats that exist when we electronically handle and transmit protected health information.

Lesson 9
Continuing the journey into HIPAA's Security Rule, in this lesson, we'll explore the Security Rule's fundamental approach to addressing security. We'll examine the philosophy and principles behind the Security Rule. Then we'll go over the standards for implementation, and you'll learn which ones are required and which are simply addressable. We'll also take a look at some real-life security breaches, which should emphasize the need for good security practices.

Lesson 10
The Security Rule covers three major areas: administrative safeguards, physical safeguards, and technical safeguards. In this lesson, we'll focus on administrative safeguards. By the end of the lesson, you'll understand that administrative safeguards are actions, policies, and procedures designed to manage your security choices.

Lesson 11
In this lesson, we'll look at the physical and technical safeguards component of the Security Rule. We'll dig into their various standards and implementation specifications so you can see how they apply to your own organization. We'll also talk a bit about how the Security Rule and the Privacy Rule overlap.

Lesson 12
When it's time to begin creating your own policies and procedures to implement HIPAA, it helps to have a framework to follow. And that's what this lesson will give you: a description of the most common frameworks available to best suit you. We'll also look at some health care trends so you'll have an idea of what the future holds for HIPAA.