Legal Compliance Courseware
Compliance
Health Insurance Portability and Accountability Act
HIPAA - Privacy Rule for Covered Entities
lchp_01_a08_lc_enus
HIPAA - Security Rule for Business Associates
lchp_01_a09_lc_enus
HIPAA - Security Rule for Covered Entities
lchp_01_a10_lc_enus
HIPAA – Privacy Rule for Business Associates
lchp_01_a07_lc_enus
HIPAA for Non-Medical Employers
lchp_01_a11_lc_enus
HIPAA Privacy Essentials
lchp_01_a12_lc_enus
HIPAA - Privacy Rule for Covered Entities
Lesson Objectives
HIPAA - Privacy Rule for Covered Entities
- recognize the importance of complying with privacy standards
- determine whether or not a given example is protected health information (PHI)
- identify your employer's policies for how to handle PHI
- determine whether a PHI disclosure requires patient authorization
- identify best practices for working with protected health information
- identify the preferred response to a suspected violation of the Privacy Rule
- identify the minimum necessary information to provide, given a request or need to disclose PHI
- recognize how to handle protected health information in accordance with the HIPAA Privacy Rule
Overview/Description
The information that a health care provider collects and uses to provide patient care is confidential and often sensitive. Because of the sensitive nature of medical records and other personally identifiable information, patients trust their health care provider to safeguard their information and use it appropriately. Employees of organizations that are considered 'covered entities' under HIPAA work with patients and their confidential information on a daily basis, and are required to follow the HIPAA Privacy Rule as well as their employer's internal privacy policies. In this course, you will learn how to identify protected health information, how to appropriately use and disclose PHI, and how to implement best practices for safeguarding the information you work with every day. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
The information that a health care provider collects and uses to provide patient care is confidential and often sensitive. Because of the sensitive nature of medical records and other personally identifiable information, patients trust their health care provider to safeguard their information and use it appropriately. Employees of organizations that are considered 'covered entities' under HIPAA work with patients and their confidential information on a daily basis, and are required to follow the HIPAA Privacy Rule as well as their employer's internal privacy policies. In this course, you will learn how to identify protected health information, how to appropriately use and disclose PHI, and how to implement best practices for safeguarding the information you work with every day. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
Target Audience
Any employee of a covered entity who handles PHI directly, or who interacts with business associates that handle PHI
Any employee of a covered entity who handles PHI directly, or who interacts with business associates that handle PHI
HIPAA - Security Rule for Business Associates
Lesson Objectives
HIPAA - Security Rule for Business Associates
- recognize the goals of HIPAA's Security Rule
- recognize why it's important to comply with the HIPAA Security Rule
- recognize examples of the types of safeguards required by the HIPAA Security Rule
- handle e-PHI appropriately, according to the HIPAA Security Rule
- identify security practices for e-mail and remote access
- identify how to safeguard electronic protected health information in accordance with the HIPAA Security Rule
Overview/Description
This course provides employees of business associates (as defined by HIPAA) with an overview of the security obligations that apply to their organizations with respect to electronically stored and transmitted PHI. It explains the importance of compliance, the different kinds of safeguards that business associates are required to put in place, and the role of individual employees in preventing data breaches. Employees are advised on best practices to reduce risks to e-PHI, including how to achieve better security when e-mailing, browsing the web, or remotely accessing e-PHI. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
This course provides employees of business associates (as defined by HIPAA) with an overview of the security obligations that apply to their organizations with respect to electronically stored and transmitted PHI. It explains the importance of compliance, the different kinds of safeguards that business associates are required to put in place, and the role of individual employees in preventing data breaches. Employees are advised on best practices to reduce risks to e-PHI, including how to achieve better security when e-mailing, browsing the web, or remotely accessing e-PHI. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
HIPAA - Security Rule for Covered Entities
Lesson Objectives
HIPAA - Security Rule for Covered Entities
- recognize the importance of complying with HIPAA's Security Rule
- recognize the goals of the HIPAA Security Rule
- identify examples of safeguards required by the HIPAA Security Rule
- identify how to handle e-PHI appropriately according to the HIPAA Security Rule
- identify how to handle electronic protected health information as required by the HIPAA Security Rule
Overview/Description
This course provides employees of covered entitles with an overview of the security obligations that apply to their use of electronic protected health information (e-PHI). It explains the different kinds of safeguards that covered entities are required to put in place and explores best practices for preventing loss, theft, or unauthorized disclosure of e-PHI. These course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
This course provides employees of covered entitles with an overview of the security obligations that apply to their use of electronic protected health information (e-PHI). It explains the different kinds of safeguards that covered entities are required to put in place and explores best practices for preventing loss, theft, or unauthorized disclosure of e-PHI. These course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
Target Audience
Any employee of a covered entity who handles electronic PHI and is therefore responsible for its confidentiality, integrity, and security
Any employee of a covered entity who handles electronic PHI and is therefore responsible for its confidentiality, integrity, and security
HIPAA – Privacy Rule for Business Associates
Lesson Objectives
HIPAA – Privacy Rule for Business Associates
- recognize the importance of compliance with the Privacy Rule
- identify the key elements of the HIPAA Privacy Rule for business associates
- determine whether a given example is protected health information (PHI) or not
- determine when it's appropriate to release protected health information and what information can be released
- identify what a breach is under HIPAA
- identify best practices for working with protected health information
- identify how to handle protected health information in accordance with the HIPAA Privacy Rule
Overview/Description
The confidentiality of health information is closely safeguarded by HIPAA's Privacy Rule. All employees that regularly work with protected health information must understand the Rule's requirements for properly handling it. This course will explore the basic principles of the Privacy Rule and offer some best practices for protecting information and avoiding violations. The information contained in this course reflects the most recent updates to HIPAA as outlined in the Final Omnibus Rule of 2013. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
The confidentiality of health information is closely safeguarded by HIPAA's Privacy Rule. All employees that regularly work with protected health information must understand the Rule's requirements for properly handling it. This course will explore the basic principles of the Privacy Rule and offer some best practices for protecting information and avoiding violations. The information contained in this course reflects the most recent updates to HIPAA as outlined in the Final Omnibus Rule of 2013. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
Target Audience
Any employee of a business associate who handles PHI; not aimed at individuals within business associates who are responsible for establishing contracts with covered entities
Any employee of a business associate who handles PHI; not aimed at individuals within business associates who are responsible for establishing contracts with covered entities
HIPAA for Non-Medical Employers
Lesson Objectives
HIPAA for Non-Medical Employers
- identify what is and isn't PHI
- demonstrate an understanding of what is and isn't PHI
- identify when PHI can be used or disclosed without an individual’s authorization
- recognize characteristics of a valid HIPAA authorization
- recognize how the minimum necessary standard applies to PHI use
- recognize when PHI can be used or disclosed without an individual’s authorization, the characteristics of a valid HIPAA authorization, and how the minimum necessary standard applies to PHI use
- identify the individual’s rights regarding their PHI
- recognize an individual’s rights regarding their PHI
Overview/Description
Many organizations that fit the description of non-medical employers have employees, who by nature of their roles in Human Resources or benefits or health plan administration, have access to the personal and private health information of other employees. These organizations are legally obligated to protect this information as described by HIPAA's Privacy Rule. This course focuses on helping these employees learn how to identify protected health information (PHI), how to appropriately use, disclose, or request PHI, and the importance of following their employer's internal privacy policies and procedures for handling the PHI they come into contact with as they do their job.
Many organizations that fit the description of non-medical employers have employees, who by nature of their roles in Human Resources or benefits or health plan administration, have access to the personal and private health information of other employees. These organizations are legally obligated to protect this information as described by HIPAA's Privacy Rule. This course focuses on helping these employees learn how to identify protected health information (PHI), how to appropriately use, disclose, or request PHI, and the importance of following their employer's internal privacy policies and procedures for handling the PHI they come into contact with as they do their job.
Target Audience
All employees who may, by reason of their job role, be required to handle PHI requests
All employees who may, by reason of their job role, be required to handle PHI requests
HIPAA Privacy Essentials
Lesson Objectives
HIPAA Privacy Essentials
- identify key aspects of the HIPAA Administrative Simplification provisions
- recognize the HIPAA requirements Covered Entities and Business Associates must meet when handling PHI
- recognize key aspects of the HIPAA Administrative Simplification provisions and the requirements of Covered Entities and Business Associates
- identify examples of PHI
- identify the rights that apply to individuals under HIPAA
- describe the Minimum Necessary Rule
- describe the purpose of deidentifying PHI
- describe examples of PHI, what deidentification of PHI involves, and the rights and obligations for individuals and Covered Entities under HIPAA
- recognize the Covered Entitiy's notification requirement in the event of a data breach
- recognize the negative consequences for violations of HIPAA
- recognize the negative consequences for violations of HIPAA and the Covered Entity's notification in the event of a data breach
Overview/Description
This course presents an overview of HIPAA (the Health Insurance Portability and Accountability Act), outlining the main components and identifying who is covered by the Act. It examines the privacy provisions under HIPAA as they relate to protected health information (PHI). This course helps employees and business associates of covered entities recognize the key provisions of HIPAA, how their organizations are affected by HIPAA, and how the privacy rules impact them. These course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
This course presents an overview of HIPAA (the Health Insurance Portability and Accountability Act), outlining the main components and identifying who is covered by the Act. It examines the privacy provisions under HIPAA as they relate to protected health information (PHI). This course helps employees and business associates of covered entities recognize the key provisions of HIPAA, how their organizations are affected by HIPAA, and how the privacy rules impact them. These course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
