Legal Compliance Courseware
Compliance
Health Insurance Portability and Accountability Act
HIPAA - Privacy Rule for Covered Entities
HIPAA - Security Rule for Business Associates
HIPAA - Security Rule for Covered Entities
HIPAA – Privacy Rule for Business Associates
HIPAA for Non-Medical Employers
HIPAA Privacy Essentials

HIPAA - Privacy Rule for Covered Entities

Course Number:
lchp_01_a08_lc_enus
Lesson Objectives

HIPAA - Privacy Rule for Covered Entities

  • recognize the importance of complying with privacy standards
  • determine whether or not a given example is protected health information (PHI)
  • identify your employer's policies for how to handle PHI
  • determine whether a PHI disclosure requires patient authorization
  • identify best practices for working with protected health information
  • identify the preferred response to a suspected violation of the Privacy Rule
  • identify the minimum necessary information to provide, given a request or need to disclose PHI
  • recognize how to handle protected health information in accordance with the HIPAA Privacy Rule

Overview/Description
The information that a health care provider collects and uses to provide patient care is confidential and often sensitive. Because of the sensitive nature of medical records and other personally identifiable information, patients trust their health care provider to safeguard their information and use it appropriately. Employees of organizations that are considered 'covered entities' under HIPAA work with patients and their confidential information on a daily basis, and are required to follow the HIPAA Privacy Rule as well as their employer's internal privacy policies. In this course, you will learn how to identify protected health information, how to appropriately use and disclose PHI, and how to implement best practices for safeguarding the information you work with every day. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.

Target Audience
Any employee of a covered entity who handles PHI directly, or who interacts with business associates that handle PHI

HIPAA - Security Rule for Business Associates

Course Number:
lchp_01_a09_lc_enus
Lesson Objectives

HIPAA - Security Rule for Business Associates

  • recognize the goals of HIPAA's Security Rule
  • recognize why it's important to comply with the HIPAA Security Rule
  • recognize examples of the types of safeguards required by the HIPAA Security Rule
  • handle e-PHI appropriately, according to the HIPAA Security Rule
  • identify security practices for e-mail and remote access
  • identify how to safeguard electronic protected health information in accordance with the HIPAA Security Rule

Overview/Description
This course provides employees of business associates (as defined by HIPAA) with an overview of the security obligations that apply to their organizations with respect to electronically stored and transmitted PHI. It explains the importance of compliance, the different kinds of safeguards that business associates are required to put in place, and the role of individual employees in preventing data breaches. Employees are advised on best practices to reduce risks to e-PHI, including how to achieve better security when e-mailing, browsing the web, or remotely accessing e-PHI. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.

Target Audience
Any employee of a business associate who handles electronic PHI

HIPAA - Security Rule for Covered Entities

Course Number:
lchp_01_a10_lc_enus
Lesson Objectives

HIPAA - Security Rule for Covered Entities

  • recognize the importance of complying with HIPAA's Security Rule
  • recognize the goals of the HIPAA Security Rule
  • identify examples of safeguards required by the HIPAA Security Rule
  • identify how to handle e-PHI appropriately according to the HIPAA Security Rule
  • identify how to handle electronic protected health information as required by the HIPAA Security Rule

Overview/Description
This course provides employees of covered entitles with an overview of the security obligations that apply to their use of electronic protected health information (e-PHI). It explains the different kinds of safeguards that covered entities are required to put in place and explores best practices for preventing loss, theft, or unauthorized disclosure of e-PHI. These course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.

Target Audience
Any employee of a covered entity who handles electronic PHI and is therefore responsible for its confidentiality, integrity, and security

HIPAA – Privacy Rule for Business Associates

Course Number:
lchp_01_a07_lc_enus
Lesson Objectives

HIPAA – Privacy Rule for Business Associates

  • recognize the importance of compliance with the Privacy Rule
  • identify the key elements of the HIPAA Privacy Rule for business associates
  • determine whether a given example is protected health information (PHI) or not
  • determine when it's appropriate to release protected health information and what information can be released
  • identify what a breach is under HIPAA
  • identify best practices for working with protected health information
  • identify how to handle protected health information in accordance with the HIPAA Privacy Rule

Overview/Description
The confidentiality of health information is closely safeguarded by HIPAA's Privacy Rule. All employees that regularly work with protected health information must understand the Rule's requirements for properly handling it. This course will explore the basic principles of the Privacy Rule and offer some best practices for protecting information and avoiding violations. The information contained in this course reflects the most recent updates to HIPAA as outlined in the Final Omnibus Rule of 2013. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.

Target Audience
Any employee of a business associate who handles PHI; not aimed at individuals within business associates who are responsible for establishing contracts with covered entities

HIPAA for Non-Medical Employers

Course Number:
lchp_01_a11_lc_enus
Lesson Objectives

HIPAA for Non-Medical Employers

  • identify what is and isn't PHI
  • demonstrate an understanding of what is and isn't PHI
  • identify when PHI can be used or disclosed without an individual’s authorization
  • recognize characteristics of a valid HIPAA authorization
  • recognize how the minimum necessary standard applies to PHI use
  • recognize when PHI can be used or disclosed without an individual’s authorization, the characteristics of a valid HIPAA authorization, and how the minimum necessary standard applies to PHI use
  • identify the individual’s rights regarding their PHI
  • recognize an individual’s rights regarding their PHI

Overview/Description
Many organizations that fit the description of non-medical employers have employees, who by nature of their roles in Human Resources or benefits or health plan administration, have access to the personal and private health information of other employees. These organizations are legally obligated to protect this information as described by HIPAA's Privacy Rule. This course focuses on helping these employees learn how to identify protected health information (PHI), how to appropriately use, disclose, or request PHI, and the importance of following their employer's internal privacy policies and procedures for handling the PHI they come into contact with as they do their job.

Target Audience
All employees who may, by reason of their job role, be required to handle PHI requests

HIPAA Privacy Essentials

Course Number:
lchp_01_a01_lc_enus
Lesson Objectives

HIPAA Privacy Essentials

  • identify key areas of concern addressed under the HIPAA Administrative Simplification provision
  • recognize examples of covered entities using the HIPAA rules
  • recognize examples of the types of companies or organizations that would be considered business associates of a covered entity
  • identify how the Privacy Rule safeguards protected health information (PHI)
  • describe what deidentification of PHI involves and why it's important
  • identify the types of requests individuals may ask of a covered entity or its business associates, relative to their PHI
  • identify the responsibilities of a covered entity and its business associates under HIPAA's Privacy Rule
  • recognize how certain standards within the Privacy Rule affect various situations
  • recognize how the "minimum necessary" concept applies to the use and disclosure of PHI
  • identify the main purpose of the Breach Notification rule
  • recognize the types of consequences an organization may face for failures to comply with its obligations under the Privacy Rule
  • recognize the impact of HIPAA penalties upon covered entities who do not comply

Overview/Description
This course presents an overview of HIPAA (the Health Insurance Portability and Accountability Act), outlining the main components and identifying who is covered by the Act. It examines the privacy provisions under HIPAA as they relate to protected health information (PHI). This course helps employees and business associates of covered entities recognize the key provisions of HIPAA, how their organizations are affected by HIPAA, and how the privacy rules impact them. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.

Target Audience
Employees and business associates of covered entities

Prerequisites: none

Close Chat Live