Library Guide: HIPAA




Table of Contents

Overview

Course Descriptions: Privacy and Security Library:
- Business Practices to Protect Personal Health Information (HIPAA05)
- HIPAA: General Awareness (HIPAA01)
- HIPAA Privacy: Role Based Training I - Incidental PHI Contact (HIPAA06)
- HIPAA Privacy: Role Based Training II - Internal Uses of PHI (HIPAA07)
- HIPAA Privacy: Role Based Training III - Uses and Disclosures of PHI (HIPAA08)
- HIPAA Privacy: Role Based Training IV - Managers, Supervisors and Compliance Staff (HIPAA09)
- HIPAA: Privacy Standards (HIPAA02)
- Information Security (HIPAA10)

Overview

UL EduNeering and our Subject Matter Experts have considerable experience with the practical application of privacy and security laws and regulations, and we provide training as required by the Health Insurance Portability and Accountability Act (HIPAA) and applicable state laws. Our staff includes regulatory compliance experts, instructional design professionals, software engineers, and information technology specialists. We also partner with nationally recognized experts and work closely with federal government regulators.

In 2009, US Department of Health and Human Services (HHS) Secretary Kathleen Sebelius transferred responsibility for HIPAA security oversight to the Office for Civil Rights (OCR). OCR already had responsibility for HIPAA privacy, underscoring the link between privacy and security. The latest HIPAA requirements were embedded into the Health Information Technology for Economic and Clinical Health (HITECH) portion of the American Recovery and Reinvestment Act (ARRA).

The HIPAA Privacy and Security Library consists of three primary components: general training, specialized training for persons interested in greater detail, and training on an organization's own policies and procedures.

Please Note: As with all UL instructional materials, you can customize the existing courses by incorporating your own company or site-specific information.

Course Descriptions: Listed Alphabetically

Business Practices to Protect Personal Health Information (HIPAA05)

This course provides all employees and associates with knowledge of the privacy and security practices for health plans as required by the Health Insurance Portability and Accountability Act (HIPAA) of 1996. This course includes updated requirements that were included in the Health Information Technology for Economic and Clinical Health Act (HITECH). Employees will learn the basic principles of health information privacy and security, how they impact the organization and how they apply to everyday work situations. The course also covers patients' rights under HIPAA and the consequences for violating privacy and security practices.

After completing this course, you will know the basics of our privacy and security practices. More importantly, you will know your roles and responsibilities related to health information.

HIPAA: General Awareness (HIPAA01)

This course is fully customizable to reflect company or even site-specific information. Employees will learn about the Privacy and Security Standards as well as the Data Standardization rules. Employees will explore HIPAA's impact on their organization and understand how the legislation affects their everyday work activities.

After completing this course, you will be able to identify the goals of HIPAA and its Administrative Simplification provisions. You will also be able to identify entities covered under the law and know how the law is enforced. Most importantly, you will be able to identify the key privacy and security requirements that apply to the use and disclosure of protected health information (PHI).

HIPAA Privacy: Role Based Training I - Incidental PHI Contact (HIPAA06)

This course is designed for employees who do not access Protected Health Information (PHI) as part of their regular duties, but need to know what they should do when they do come into contact with PHI.

After completing this course, you will be able to apply HIPAA's privacy requirements to situations you are likely to experience.

Prerequisite: Before taking this course, learners should complete one or more of the following:
- Business Practices to Protect Personal Health Information
- HIPAA: General Awareness
- HIPAA: Privacy Standards

HIPAA Privacy: Role Based Training II - Internal Uses of PHI (HIPAA07)

This course is designed for employees who are authorized to use PHI as part of their regular duties.

After completing this course, you will be able to apply HIPAA's privacy requirements to situations you encounter every day.

Prerequisite: Before taking this course, learners should complete one or more of the following:
- Business Practices to Protect Personal Health Information
- HIPAA: General Awareness
- HIPAA: Privacy Standards

HIPAA Privacy: Role Based Training III - Uses and Disclosures of PHI (HIPAA08)

This course is designed for employees who are authorized to request, use and disclose Protected Health Information (PHI) as part of their regular duties.

After completing this course, you will be able to apply HIPAA's privacy requirements to situations you encounter every day.

Prerequisite: Before taking this course, learners must complete one or more of the following:
- Business Practices to Protect Personal Health Information
- HIPAA: General Awareness
- HIPAA: Privacy Standards

HIPAA Privacy: Role Based Training IV - Managers, Supervisors and Compliance Staff (HIPAA09)

This course is designed for HIPAA privacy officials, supporting HIPAA compliance staff, and managers, including those who have additional compliance responsibilities, such as ownership of Protected Health Information (PHI) sources or information application and system purchases. After completing this course, learners will be able to apply HIPAA's privacy requirements to situations they encounter every day.

Prerequisite: Before taking this course, learners should complete one or more of the following:
- Business Practices to Protect Personal Health Information
- HIPAA: General Awareness
- HIPAA: Privacy Standards

After completing this course, you will be able to apply HIPAA's privacy requirements to situations in which your experience and knowledge are required to ensure compliance.

HIPAA: Privacy Standards (HIPAA02)

This course gives an in-depth look at the Privacy Standards included in the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and discusses what these regulations mean for health plans doing business in the United States. This course includes updated requirements that are included in the Health Information Technology for Economic and Clinical Health Act (HITECH). It provides a closer look at the use and disclosure of protected health information and also educates users on identifying when an individual's permission is required and what type of permission is necessary. The course also explains the concept of minimum necessary and how it affects use and disclosure of Protected Health Information (PHI). A discussion of the individual rights that provide members and patients greater control over their health information is also covered.

After completing this course, you will be familiar with the rules governing the use and disclosure of protected health information (PHI). You will be able to identify when an individual's permission is required and what type of permission is necessary. You will also be able to define the minimum necessary provision and recognize how it affects our use and disclosure of PHI. Finally, you will be able to identify individual rights specified in the Privacy Standards that allow health plan members greater control over their health information.

Information Security (HIPAA10)

This course discusses each requirement under the HIPAA Security Standard as well as requirements under other regulations and security guidelines. Information security is critical for any business, and it is the law for Health Care organizations.

Through engaging scenarios and interactions, this course trains all employees and associates on the basics required before they begin work, including protection from viruses and other malicious software, password management and use, workstation security and location, and security reminders. More advanced topics are also covered, such as incident reporting and response, emergency measures, e-mail security, media controls, and how to select a new password.

After completing this course, you will be familiar with the security policies, procedures, and controls that are a part of our daily business routine. You will also be able to identify and respond to suspected security breaches.

This course addresses security training for all management and staff, and presents Health Care industry current practices as outlined by the HIPAA regulations, implemented by the Centers for Medicare and Medicaid Services (CMS) CSR rules, supported by the National Institute of Standards and Technology (NIST) guidelines, and developed by a leading industry/government workgroup and other industry standards groups.

About UL EduNeering

UL EduNeering is a business line within UL Life & Health's Business Unit. UL is a global independent safety science company offering expertise across five key strategic businesses: Life & Health, Product Safety, Environment, Verification Services and Enterprise Services.

UL EduNeering develops technology-driven solutions to help organizations mitigate risks, improve business performance and establish qualification and training programs through a proprietary, cloud-based platform, ComplianceWire.

For more than 30 years, UL has served corporate and government customers in the Life Science, Health Care, Energy and Industrial sectors. Our global quality and compliance management approach integrates ComplianceWire, training content and advisory services, enabling clients to align learning strategies with their quality and compliance objectives.

Since 1999, under a unique partnership with the FDA's Office of Regulatory Affairs (ORA), UL has provided the online training, documentation tracking and 21 CFR Part 11-validated platform for ORA-U, the FDA's virtual university. Additionally, UL maintains exclusive partnerships with leading regulatory and industry trade organizations, including AdvaMed, the Drug Information Association, the Personal Care Products Council and the Duke Clinical Research Institute.

202 Carnegie Center, Suite 301, Princeton, NJ 08540
609.627.5300
uleduneering.com

UL and the UL logo are trademarks of UL LLC 2014.
LG/122713/HC