Certified HIPAA Security Expert (CHSE)
Details
Outline
Course Learning Objectives:
Chapter 1 - HIPAA Basics
- Understand the purpose for HIPAA legislation
- Review the HIPAA Administrative Simplification title
- Review non-compliance penalties (civil and criminal)
- Review key organizations associated with administering HIPAA Administrative Simplification provisions
- Review HIPAA-related terminology and definitions
Chapter 2 - Transactions & Code Sets Overview
- Understand motivation and drivers behind requiring HIPAA standard transactions and code sets
Chapter 3 - Transactions – ANSI X12 and NCPDP
- Examine the ANSI ASC X12 & NCPDP transactions
Chapter 4 - Code Sets & National Identifiers
- Understand the code sets approved for use with HIPAA-covered transactions
- Understand national identifiers that have been adopted or may be adopted to identify entities or individuals under HIPAA-covered transactions
Chapter 5 - HIPAA and Health Data – Security & Privacy Requirements
- Describe how HIPAA relates to health information exchange
- Identify the steps for compliance with the HIPAA Privacy Rule
- Identify the steps for compliance with the HIPAA Security Rule
- Review compliance framework
Chapter 6 - HIPAA Privacy Rule
- Understand the core requirements, key terms, and concepts of the Privacy Rule
Chapter 7 - HIPAA Security Rule - Overview
- Describe the scope of the HIPAA Security Rule.
- Understand threats and attacks health care that cause enterprise to be vulnerable.
- Define key security terminology, concepts, and categories
- Describe administrative safeguard implementation specifications.
- Describe physical safeguard implementation specifications.
- Explain technical safeguard implementation specifications.
- Describe organizational requirements.
- Describe the policies and procedural standards, as well as the documentation standards.
Chapter 8 - HIPAA Security Rule – Threats and Technology Options
- Identify technical/electronic threats to the health care enterprise
- Explain security technology and electronic protection options that may meet Security Rule and Privacy Rule security provisions compliance requirements
Chapter 9 - Advanced Administrative Safeguards
- Describe the requirements for the Security Awareness and Training standard.
- Explain the requirements for the Security Incident Procedures standard.
- Describe the requirements for the Contingency Plan standard.
- Describe the requirements for the Evaluation standard.
- Describe the Business Associate Contract and Other Written Arrangements standard.
Chapter 10 - Physical Safeguards Overview
- Explain key steps for a physical safeguard assessment based on the HIPAA Privacy Rule
Chapter 11 - Advanced Physical Safeguards
- Describe physical safeguard requirements
- Review facility access control
- Describe workstation use and security standards
- Describe required and example policies, procedures and practices to reasonably ensure appropriate physical safeguards have been implemented
Chapter 12 - Physical Safeguards – Data & Media Management
- Describe requirements for device and media controls
Chapter 13 - Security Technical Safeguards Overview
- Describe the Security Rule defined Technical Safeguards
- Describe the Access Control standard
- Examine the Audit Control standard
- Describe the Integrity standard
- Identify key elements of the Person or Entity Authentication standard
- Review the Transmission Security standard
Chapter 14 - Security Advanced Technical Safeguards
- Describe the Transmission Security standard
- Examine the Transmission Control Protocol/Internet Protocol (TCP/IP) architecture and its key protocols
- Analyze firewall systems and their role
- Examine Virtual Private Networks (VPNs)
- Describe wireless security requirements
- Identify types of encryption that may be supported by health care entities
- Describe core elements of Windows security.
Chapter 15 - Digital Signatures and Certs
- Explain the requirements of the proposed Security Rule’s electronic signature requirements (not included in the final rule)
- Describe a digital signature
- Describe a digital certificate and its relationship to a digital signature
- Examine the role of a Public Key Infrastructure (PKI) in supporting requirements for digital signatures
Chapter 16 - Security Policy and Standards
- Explain how identifying threats and vulnerabilities impact risk management strategies and the development of appropriate security policies
- Describe ISO/IEC 27002 and ISO/IEC 27001 standards
- Identify factors that impact the development of an enterprise security policy
- Describe security policy documents that address areas, such as acceptable use policies
Chapter 17 - American Recovery & Reinvestment Act
- American Recovery & Reinvestment Act (ARRA), Title XIII, Subpart D Overview (HITECH)
- Business Associates New Requirements
- Breach Notification Requirements
- New Privacy & Security Requirements
- Increased Enforcement & Penalties
- Federal Reporting & Resource Requirements
- Compliance Tips
Chapter 18 - The Omnibus Rule
- Omnibus Rule Background
- Breach Notification Rule
- New Limits on Uses and Disclosures of PHI
- Business Associates
- Increased Patient Rights
- Notice of Privacy Practices
- Increased Enforcement
- Update Action Considerations
We are focused on the HIPAA compliance training, HIPAA consulting and HIPAA compliance templates. Our aim is to offer practical, customized and affordable solutions for HIPAA compliance.
The focus of our HIPAA Certification Training & Compliance website is to help healthcare organizations meet compliance in a timely and cost effective manner by offering a broad portfolio of products and services. We provide HIPAA compliance kits, manuals, training, templates and compliance consulting services to help make your HIPAA compliance efforts successful, self sufficient and cost-effective.
We assist healthcare organizations, health plans, employers, Business Associates and alternative medicine providers with their HIPAA compliance efforts. Large or small, one of our options will fit your HIPAA compliance needs and budget.