HIPAA Privacy and Security Rules for All Healthcare Personnel

(based on 1437 customer ratings)

Authors: Debbie Sabatino and Paul Fekete, MD
Reviewer: Laurie Bjerklie, MA, MLS(ASCP)CM

This course, using examples specific to all healthcare personnel, covers the HIPAA privacy regulations and treatment of protected health information (PHI) in a succinct manner. Content is directed at all healthcare personnel, from desk personnel, to phlebotomists, to medical technologists and nurses and doctors. Includes numerous interactive case studies. Appropriate for annual HIPAA training for healthcare staff. Key areas covered include technical and physical safeguards, minimum necessary standard, administrative requirements, and authorization.

Objectives

  • Define HIPAA.
  • Define covered entities and business associates, and list which individuals, groups, or organizations are included in each category.
  • Explain what is meant by protected health information, who is authorized to view this information, and safeguards to prevent unauthorized access.
  • Apply HIPAA privacy and security requirements to your daily clinical responsibilities.

Course Outline

  • HIPAA Privacy Rule
    • Introduction
      • What is HIPAA?
      • Relevant Components of HIPAA
      • What is the HIPAA Privacy Rule?
      • What Information is Protected?
      • HIPAA Privacy Rule
      • Who Does HIPAA Apply To?
      • Importance of Privacy
      • Patients' Rights Under HIPAA
      • Case Study: Accessing PHI You are answering the office phone today. A person claiming to be a patient whose voice you do not recognize calls demanding...
      • Which of the following individuals, organizations, or agencies are covered by HIPAA?
    • Requirements and Safeguards
      • Administrative Requirements
      • Privacy Rule Safeguards
      • Physical Safeguards
      • Administrative Safeguards
      • Technical Safeguards
      • Fax Machines
      • Case Study: Incidental Disclosures and Safeguards As a manager, you guided a group of high school students through your pharmacy department during a f...
      • When faxing Protected Health Information (PHI) to a physician, you should:
    • 2013 HIPAA Update Summary
      • Updates from 2013
      • Updates from 2013, continued
    • HIPAA Complaints and Investigation
      • Complaints Regarding HIPAA Noncompliance
      • Investigation
      • HIPAA Enforcement
    • Notification and Authorization Requirements
      • Notice of Privacy Practices
      • Authorization
      • Limiting Use and Disclosure of PHI
      • Case Study: Authorization You are working in a physician's office as a medical coder. The doctor asks you to give the patient's name and contact info...
      • Case Study: Limiting Use and Disclosure of PHI You are the customer service representative in a dental facility. You get a call from a hygienist at on...
    • Minimum Necessary Use and Disclosure
      • Minimum Necessary Use and Disclosure
      • Case Study: Minimum Necessary Use and Disclosure You are a ward clerk responsible for inserting laboratory reports into patients' medical records. You...
      • Case Study: Minimum Necessary Use and Disclosure You are a phlebotomist at a specimen collection center. A patient arrives with orders for a blood gl...
    • Business Associate Agreement
      • Business Associate Agreement
      • Business Associates and the Privacy Rule
      • Case Study: Business AssociateYour chiropractic office's accreditation agency will be sending inspectors/surveyors to inspect your facility within the...
    • HIPAA Breaches
      • HIPAA Breach Notification Rule
      • HIPAA Breach Notification Rule, continued
    • De-Identified Health Information
      • De-Identified Health Information
  • HIPAA Security Rule
    • Introduction
      • What is the HIPAA Security Rule?
      • Security Officer
    • Security Rule Safeguards
      • Security Rule Safeguards
      • Administrative Safeguards
      • Physical Safeguards: Access Controls
      • Physical Safeguards: Storage and Disposal of Media
      • Case Study: Physical SafeguardsYou are the manager of a neurology clinic. During the orientation of a new employee, you instruct them to keep the door...
      • Technical Safeguards: System Access Control
      • Technical Safeguards: Passwords
      • Technical Safeguards: Protection Against Viruses and Malicious Software
      • Technical Safeguards: Email Security
      • Technical Safeguards: Summary
      • Case Study: Technical SafeguardsYou are given several sets of logins and passwords to access various information systems. The login is your first init...
  • Conclusion
      • Follow the Facility's Policies and Procedures
  • References
      • References

Additional Information

Level of Instruction: Basic
Intended Audience: All healthcare personnel. 
Author Information:
Debbie Sabatino has over 20 years of progressive technical, operational, business development, and risk management experience in the health care field. Currently, she is the Senior Manager, Enterprise Risk at McMaster University. Previously, she held the position of Director, Privacy for MDS Laboratory Services, which includes both Canadian and US Operations. As privacy expert for the organization, Ms. Sabatino is responsible for the development, implementation, and ongoing success of the Laboratory Services privacy program as well as the company’s global privacy approach. Debbie is a member of the International Association of Privacy Officers (IAPO) and the Conference Board of Canada Chief Privacy Officers Council.
Paul Fekete, MD, was the founder of MediaLab. He was formerly Assistant Professor of Pathology at Emory University and Director of Laboratories for Gwinnett Health System, near Atlanta. Dr. Fekete had extensive experience teaching and was the author of numerous journal articles and several book chapters. He additionally had extensive experience in instructional design.
The authors have no conflict of interest to disclose.
Reviewer InformationLaurie Bjerklie, MA, MLS(ASCP)CM, is a Lead Education Developer. She earned a B.S. in Medical Laboratory Science from the University of North Dakota and an M.A. in Curriculum and Instruction from Saint Xavier University. She has over 15 years of experience in higher education and has held program director and faculty positions in both MLT and MLS programs.

This course is part of:
Mandatory Annual HR Courses
Request Info
keys security access
healthcare employee on phone shutterstock
pharmacist on computer shutterstock
flashdrive shutterstock