HIPAA Resources For Health Care

What is HIPAA

The question often asked is, What is HIPAA or What does HIPAA stand for? How do I learn about HIPAA?

We provide HIPAA training free on the HIPAA regulation and answer these questions on this HIPAA Resource page and on the links below. HIPAA relates to The HIPAA Privacy Rule (Health Insurance Portability and Accountability Act of 1996) which established national standards to protect individuals’ medical records and other individually identifiable health information (collectively defined as “protected health information”).

This is applicable to covered entities such as health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. In addition this is also applied to business associates who handle protected health information on behalf of covered entities.

HIPAA Privacy Rule

The Rule requires appropriate safeguards to protect the privacy of protected health information (PHI) and sets limits and conditions on the uses and disclosures that may be made of such information without an individual’s authorization.

The Rule also gives individuals rights over their protected health information, including rights to examine and obtain a copy of their health records, to direct a covered entity to transmit to a third party an electronic copy of their protected health information in an electronic health record, and to request corrections.

It is important for all covered entities and business associate to fully understand the HIPAA Privacy Rule and how it affects their organization. Additionally, it is important for business associates to understand the Omnibus Rule and how it affects them in the face of any security incident.

For more information please follow our links below. HIPAA Associates is happy to make our HIPAA Resources available for your benefit. If you are unable to find the answer to your questions, please feel free to Contact Us or visit our main page.

Our professionals know HIPAA

Get Help Today

HIPAA Resources

Our HIPAA Resource section is geared to provide HIPAA training free to all providers interested in learning about the HIPAA Privacy Rule. Our material is updated regularly, and new sections are added continuously to cover all important topics.

HIPAA Associates is pleased to offer our clients free HIPAA resources.

Please follow the links below for valuable HIPAA resources. These are ideal for Covered Entities and Business Associates.

What is the HIPAA law?
What is HIPAA Certification?
HIPAA Compliance Checklist 2022
HIPAA Security Risk Analysis
Permitted Uses & Disclosures of PHI
Reasonable Safeguards for PHI
HIPAA Technical Safeguards Protect PHI
Mobile Devices and Technical Safeguards
Using Cybersecurity to Protect PHI
Texting Protected Health Information
The Right to Access PHI
Information Blocking
Breaches of Protected Health Information
What is a HIPAA Violation
HIPAA, COVID and Your Organization

Our introduction to HIPAA will give you the important background information you need to understand the key concepts of the HIPAA Privacy Rule.

What does HIPAA Stand For?

What is the HIPAA law?

What does HIPAA stand for?
HIPAA Privacy Rule
HIPAA Security Rule
HITECH Act – Breach Notification Rule
HIPAA Terminology
Who must comply with HIPAA Rules?
Enforcement
Right of Access to PHI
What is HIPAA Compliance?
HIPAA Compliance is a multi-step process

All covered entities and business associates must know, “What is HIPAA Certification.”

What is HIPAA Certification?

The Office for Civil Rights and HIPAA Certification
HIPAA Requirements
Train for Compliance
Becoming HIPAA Compliant

This HIPAA Compliance Checklist will give you the information you need to prepare for HIPAA Compliance in your organization.

HIPAA Compliance Checklist 2022

Review our HIPAA Compliance Checklist to get started with your HIPAA Compliance Plan

The Seven Steps
Implementing written policies
Designating a compliance officer
Conducting effective training
Develop effective lines of communication
Conduct internal monitoring and auditing
Responding to detected offenses
Enforcing standards of conduct
Responding promptly to detected offenses
Understanding HIPAA Compliance

All organizations who handle PHI must perform a Risk Analysis to determine the risks to Protected Health Information.

HIPAA Security Risk Analysis

Office for Civil Rights Requirement
Name a Privacy/Security Officer
The Requirements under the Security Rule
Implementation Specifications
Important Definitions
Elements of a Risk Analysis
Electronic Protected Health Information
Collect & Analyze the Data
Periodic Review and Updates to the Risk Assessment
In Summary

It is important for all Covered Entities and Business Associates to understand how to safely use and disclose PHI.

Permitted Uses & Disclosures of PHI

Uses & Disclosures
Authorizations
Psychotherapy Uses & Disclosures
Opportunities to Agree or Object
Public Interest and Benefit Activities

Reasonable Safeguards will help protect PHI from inappropriate disclosure

Reasonable Safeguards for PHI

Incidental Uses & Disclosures
Reasonable Safeguards
Verbal PHI
Paper PHI
Electronic PHI
Minimum Necessary Policies
Reasonable Safeguards Prevent Violations
Home Office
BYOD
Creating Safe Networks
Meeting Apps
External Drives
Conclusion

Using Technical Safeguards is important to comply with the HIPAA Rule

HIPAA Technical Safeguards Protect PHI

The Security Rule
Comply with Technical Safeguards
Implementing “The Security Rule”
Technical Standards
Standard: Access Controls
Standard: Audit Controls
Standard: Integrity
Standard: Person or Entity Authentication
Standard: Transmission Security
Cybersecurity & Technical Safeguards
Texting Protected Health Information
Texting Patient Orders

Use Appropriate Safeguards on Mobile Devices

Mobile Devices and Technical Safeguards

Password and Authentication
Security Software Must be Up to Date
Encryption is Key
Firewalls
Remote Wiping and/or remote disabling
Antivirus Software
Control Your Device
File Sharing Applications
Mobile Applications
Discarding or Reusing Mobile Devices
Public Wi-Fi and a VPN

Use appropriate Cybersecurity to protect PHI

Using Cybersecurity to Protect PHI

Cyberthreats From Outside Sources
What You Can Do
Prepare for Cyberattacks
Texting Protected Health Information
Recent Clarification from OCR
Patient Orders

Texting Protected Health Information requires special safeguards

Texting Protected Health Information

Emailing Patients
Text Messaging Patients
Communicating with the Healthcare Team
Computerized Provider Order Entry

The Right to Access PHI is a very important topic today which your organization should understand and address.

The Right to Access PHI

Patient Rights
Designated Record Sets
Excluded Information
Important Exclusions
Personal Representatives
Requesting Access
Verification
Unreasonable Measures
Providing Access
Summary of PHI
Delivering Records
Timeliness of Access
Permissible Records
Denial of Access
Notification of Denial
Review of the Denial
State Laws
Information Blocking
Exceptions to Information Blocking

Information Blocking must be understood to prevent Right to Access violations.

Information Blocking

Definition
HIPAA Considerations
Analysis of Information Blocking
Examples of Information Blocking
Exceptions
Potential Penalties

Breaches of Protected Health Information must be addressed quickly

Breaches of Protected Health Information

Definition of a Breach
Paper Breaches
Electronic Breaches
Verbal Breaches
Three Exceptions to Definition of Breach
Unsecured Protected Health Information
Encryption of PHI
Destruction of PHI
Procedures for Making a HIPAA Complaint
Privacy Officer
No Retaliation
Breach Notification Requirements
Notification of Individuals
Public Notice
Notification Process
Media Notice
Notice to the Secretary
Notification by a Business Associate
Administrative Requirements and burden of Proof
Direction from HHS on Penalties
Social Media & PHI

HIPAA Violations are a significant concern for all covered entities

What is a HIPAA Violation

The HIPAA Rule
Type of Violations
Reporting of Violations
Investigating Violations
Civil Penalties
Criminal Penalties
Preventing HIPAA Violations
Conclusion

HIPAA requires special considerations when applied to COVID

HIPAA, COVID and Your Organization

Telehealth Remote Communications
First Responders, PHI & COVID
Civil Rights Laws and HIPAA
Uses and Disclosures of PHI by Business Associates
Community-Based Testing Sites
Media Access to Protected Health Information
Contacting Patient About Blood & Plasma Donations
Use of Online or Web-Based Scheduling Applications for Scheduling Vaccination Appointments
Health Information Exchanges
Conclusion

Great experience with HIPAA Associates. I really enjoy the HIPAA ABC videos and breach reporting tool. Good work.

Abigail

Incredible suite of knowledge on HIPAA compliance! HIPAA ABC videos clearly explain elements of compliance that were previously unclear.

Phillip Streck

One of the best HIPAA training providers based on the types of training offered, the convenience of the training courses, quick access to certificates, and additional support to help businesses keep their employees trained and compliant.
“Best for Team Training”

Michael Kurko, The Balance Small Business

HIPAA Resources For You