Categories

HIPAA: a Guide for Insurance Professionals

SKU: 442
$29.94

HIPAA: Applying Standards for Securing Electronic Protected Health InformationAs the healthcare industry rapidly migrates to a paperless future in which individual health information is recorded, maintained, and transmitted electronically, the need to secure that information grows. Because unauthorized access to private health information could have dangerous ramifications for individuals, healthcare professionals, and many businesses, Congress enacted the Health Insurance Portability and Accountability Act (HIPAA) in 1996 with the goal of protecting such information.

One of HIPAA’s main provisions, the Security Rule, outlines the standards for protecting electronic protected health information that health plans, healthcare clearinghouses, and many healthcare providers are required to follow. As of 2006, all entities that fall under the law’s purview must be in compliance with these standards and their accompanying implementation specifications.

HIPAA is designed to protect a covered entity’s Electronic Protected Health Information from unauthorized access and use. Severe consequences await those organizations found guilty of frustrating these objectives. The only way Insurance and Risk Management Professionals can adequately assist an organization in controlling, mitigating and insuring against these consequences, is to understand what HIPAA’s Security Rule requires, permits, and prohibits.

TARGET AUDIENCE
Insurance and Risk Management Professionals

PROGRAM LEVEL
INTERMEDIATE LEVEL: This course has been designated by the Florida Department of Financial Services as INTERMEDIATE level. It is intended for the student who has a basic knowledge with the subject matter or who has limited experience with the subject matter.

PROGRAM PREREQUISITES
None

DELIVERY METHOD
Self-Study Online

CONTINUING EDUCATION CREDITS
This course has been approved by the Florida Department of Financial Services for 6.0 hours of CE 2-20 (Property & Casualty) General Lines – Other continuing education credits.

PURPOSE
To provide an overview of HIPAA’s Security Rule, including the standards and implementation specifications included therein, to ensure the security of a covered entity’s Electronic Protected Health Information and to avoid the liability resulting from HIPAA violations.

LEARNING OBJECTIVES
After completing this course, the learner will be able to:

  • explain the history of HIPAA and the reasons for its adoption;
  • outline the structure of HIPAA and relate its provisions to other federal regulations;
  • define and identify who is considered a covered entity under HIPAA and therefore subject to its regulations;
  • define Electronic Protected Health Information (EPHI) and distinguish between what is and what is not EPHI;
  • outline the structure of the HIPAA Security Rule;
  • define the standards that serve as the goals of the Security Rule;
  • distinguish between standards and implementation specifications, as contained in HIPAA;
  • define the terms "required" and "addressable" as they apply to HIPAA's implementation specifications;
  • define and apply HIPAA's Administrative Safeguards in the management of EPHI;
  • apply the principles of risk analysis and risk management in observing HIPAA's Security Rule;
  • define and apply HIPAA's Physical Safeguards in the management of EPHI;
  • define and apply HIPAA's Technical Safeguards in the management of EPHI;
  • define and apply HIPAA's Organizational Requirements in the management of EPHI;
  • define and apply HIPAA's Policies and Procedures and Documentation Requirements in the management of EPHI;
  • identify the range of penalties for HIPAA violations; and
  • identify an organization’s exposure to HIPAA-related liability in order to develop and implement appropriate insurance and risk management strategies.



TOPICS COVERED

  1. The History of HIPAA’s Enactment and Subsequent Interpretation
  2. Who Are Covered Entities under HIPAA?
  3. What Constitutes Electronic Protected Health Information
  4. The Structure of the Security Rule
  5. The Distinctions between Standards and Implementation Specifications
  6. “Required” v. “Addressable” Implementation Specifications
  7. Defining and Applying HIPAA’s Administrative, Physical, and Technical Safeguards
  8. Defining and Applying HIPAA’s Organizational Requirements
  9. Defining and Applying HIPAA’s Policies and Procedures and Documentation Requirements
  10. Identifying the Penalties for HIPAA Non-Compliance



FORMS INCLUDED

  • Covered Entity Chart
  • Interview and Document Request for HIPAA Security Onsite Investigations and Compliance Reviews
  • Security Standards: Matrix



ACCREDITATION
The Florida Department of Financial Services has designated The Human Equation, Inc. (Provider No. 368518) as an Approved Provider of Continuing Education Credits for Florida General Lines 2-20 (Property & Casualty) Insurance Agents. This course, HIPAA: a Guide for Insurance Professionals (HIPAA: Applying Standards for Securing Electronic Protected Health Information), has been approved by the Florida Department of Financial Services for 6.0 hours of CE 2-20 (Property & Casualty) General Lines – Other continuing education credits.

If you're not completely satisfied with the quality of our courses, we will refund your money - guaranteed. Click here for details


HIPAA: Applying Standards for Securing Electronic Protected Health Information

Table of Contents

  • Chapter 1: Instructions
    • Page 1
  • Course Objectives
  • Chapter 2: Introduction
    • Page 2, 3, 4, 5, 6
    • HIPAA
      • Page 7, 8, 9, 10, 11
  • Chapter 3: HIPAA’s Structure
    • Page 12
    • Background
      • Page 13, 14
    • Regulatory Structure
      • Page 15, 16, 17
    • Who Must Comply with the Security Rule?
      • Page 18
    • Covered Entity
      • Page 19, 20
    • What Does the Security Rule Cover?
      • Page 21
    • Electronic Protected Health Information (EPHI)
      • Page 22, 23, 24, 25
    • Electronic Protected Health Information (EPHI)
      • Page 26, 27
    • What’s Not Considered EPHI
      • Page 28, 29
    • Electronic Protected Health Information (EPHI)
      • Page 30
    • What Does the Security Rule Not Require?
      • Page 31, 32
    • The Security Rule: Overview
      • Page 33, 34
  • Chapter 4: Security Standards: General Rules
    • General Rules
      • Page 35
    • General Rules: Flexibility of Approach
      • Page 36, 37
    • General Rules: Standards vs. Implementation Specifications
      • Page 38
    • General Rules: Standards
      • Page 39
    • General Rules: Implementation Specifications
      • Page 40, 41, 42, 43, 44
    • The Compulsory Nature of Addressable Implementation Specifications
      • Page 45, 46
    • Addressable Implementation Specifications
      • Page 47
    • General Rules: Maintenance
      • Page 48, 49
  • Chapter 5: Administrative Safeguards
    • Page 50
    • The Security Management Process
      • Page 51, 52
    • Standard: Security Management Process
      • Page 53
    • Implementation Specification: Risk Analysis (Required)
      • Page 54, 55
    • Implementation Specification: Risk Management (Required)
      • Page 56, 57, 58
    • Implementation Specification: Sanction Policy (Required)
      • Page 59, 60
    • Implementation Specification: Information System Activity Review (Required)
      • Page 61, 62
    • Standard: Assigned Security Responsibility
      • Page 63, 64, 65, 66
    • Standard: Workforce Security
      • Page 67, 68, 69
    • Implementation Specification: Authorization and/or Supervision (Addressable)
      • Page 70, 71
    • Implementation Specification: Workforce Clearance Procedure (Addressable)
      • Page 72, 73
    • Implementation Specification: Termination Procedures (Addressable)
      • Page 74, 75, 76, 77
    • Standard: Information Access Management
      • Page 78, 79
    • Implementation Specification: Isolating Health Care Clearinghouse Functions (Required)
      • Page 80, 81
    • Implementation Specification: Access Authorization (Addressable)
      • Page 82, 83
    • Implementation Specification: Access Establishment and Modification (Addressable)
      • Page 84, 85, 86
    • Standard: Security Awareness and Training
      • Page 87, 88, 89
    • Implementation Specification: Security Reminders (Addressable)
      • Page 90, 91
    • Implementation Specification: Protection from Malicious Software (Addressable)
      • Page 92
    • Implementation Specification: Log-In Monitoring (Addressable)
      • Page 93
    • Implementation Specification: Password Management (Addressable)
      • Page 94, 95
    • Standard: Security Incident Procedures
      • Page 96, 97, 98
    • Implementation Specification: Response and Reporting (Required)
      • Page 99, 100, 101, 102
    • Standard: Contingency Plan
      • Page 103, 104
    • Implementation Specification: Data Backup Plan (Required)
      • Page 105, 106
    • Implementation Specification: Disaster Recovery Plan (Required)
      • Page 107
    • Implementation Specification: Emergency Mode Operation Plan (Required)
      • Page 108, 109
    • Implementation Specification: Testing and Revision Procedures (Addressable)
      • Page 110, 111, 112
    • Implementation Specification: Applications and Data Criticality Analysis (Addressable)
      • Page 113, 114, 115
    • Standard: Evaluation
      • Page 116, 117, 118
    • Standard: Business Associate Contracts and Other Arrangements
      • Page 119, 120, 121
    • Implementation Specification: Written Contract or Other Arrangement (Required)
      • Page 122, 123
    • Administrative Safeguards: Conclusion
      • Page 124
    • Security Standards: Matrix
      • Page 125, 126
  • Chapter 6: Risk Analysis and Risk Management Basics
    • Risk Analysis & Risk Management Basics
      • Page 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138
  • Chapter 7: Physical Safeguards
    • Page 139
    • Physical Safeguards
      • Page 140, 141
    • Standard: Facility Access Controls
      • Page 142, 143, 144, 145
    • Implementation Specification: Contingency Operations (Addressable)
      • Page 146, 147
    • Implementation Specification: Facility Security Plan (Addressable)
      • Page 148, 149, 150, 151
    • Implementation Specification: Access Control and Validation Procedures (Addressable)
      • Page 152, 153
    • Implementation Specification: Maintenance Records (Addressable)
      • Page 154, 155
    • Standard: Workstation Use
      • Page 156, 157, 158
    • Standard: Workstation Security
      • Page 159, 160
    • Standard: Device and Media Controls
      • Page 161, 162, 163, 164
    • Implementation Specification: Disposal (Required)
      • Page 165, 166
    • Implementation Specification: Media Re-Use (Required)
      • Page 167, 168
    • Implementation Specification: Accountability (Addressable)
      • Page 169, 170
    • Implementation Specification: Data Backup and Storage (Addressable)
      • Page 171
    • Physical Safeguards: Conclusion
      • Page 172, 173, 174, 175
  • Chapter 8: Technical Safeguards
    • Page 176
    • Technical Safeguards: Definition
      • Page 177
    • Technical Safeguards: What is Not Required
      • Page 178
    • Standard: Access Control
      • Page 179, 180, 181, 182, 183
    • Implementation Specification: Unique User Identification (Required)
      • Page 184
    • Implementation Specification: Unique User Identification (Required)
      • Page 185
    • Implementation Specification Access Control: Emergency Access Procedure (Required)
      • Page 186, 187
    • Implementation Specification: Automatic Logoff (Addressable)
      • Page 188, 189
    • Implementation Specification: Encryption and Decryption (Addressable)
      • Page 190, 191, 192
    • Standard: Audit Controls
      • Page 193, 194
    • Standard: Integrity
      • Page 195
    • Implementation Specification: Mechanism to Authenticate EPHI (Addressable)
      • Page 196
    • Standard: Person or Entity Authentication
      • Page 197, 198, 199, 200
    • Standard: Transmission Security
      • Page 201
    • Implementation Specification: Integrity Controls (Addressable)
      • Page 202, 203
    • Implementation Specification: Encryption (Addressable)
      • Page 204, 205
    • Technical Safeguards: Conclusion
      • Page 206, 207
  • Chapter 9: Organizational Requirements
    • Organizational Requirements: Introduction
      • Page 208, 209
    • Standard: Business Associate Contracts or Other Arrangements
      • Page 210, 211, 212, 213
    • Implementation Specification: Business Associate Contracts (Required)
      • Page 214, 215, 216
    • Implementation Specification: Other Arrangements (Required)
      • Page 217, 218, 219
    • Standard: Requirements for Group Health Plans
      • Page 220
    • Implementation Specification: Required
      • Page 221
    • Organizational Requirements: Conclusion
      • Page 222, 223
  • Chapter 10: Polices and Procedures and Documentation Requirements
    • Page 224
    • Standard: Policies and Procedures
      • Page 225
    • Standard: Policies and Procedures
      • Page 226, 227, 228
    • Standard: Documentation
      • Page 229, 230
    • Implementation Specification: Time Limit (Required)
      • Page 231
    • Implementation Specification: Availability (Required)
      • Page 232
    • Implementation Specification: Updates (Required)
      • Page 233
    • Policies and Procedures and Documentation Requirements: Conclusion
      • Page 234, 235
  • Chapter 11: Penalties
    • Penalties
      • Page 236, 237, 238, 239, 240, 241, 242, 243, 244, 245
  • Chapter 12: Conclusion
    • Conclusion
      • Page 246, 247, 248
  • Chapter 13: Time to Review
    • Page 249
  • Exam (multiple choice)






Student Benefits

Students and employees who take the HIPAA: a Guide for Insurance Professionals course will enjoy:

 Course FeaturesIncludedComments
 
HRCI Recertification Credits
 
0.00 HRCI Recertification Credit(s).
 
SHRM PDC Credits
 
0.00 SHRM PDC Credit(s).
 
CAM Credits
 
0.00 CAM Credit(s).
 
Florida Bar CLE Recertification Credits
 
0.00 Florida Bar CLE Recertification Credit(s).
 
Florida Bar CLE Ethics Recertification Credits
 
0.00 Florida Bar CLE Ethics Recertification Credit(s).
 
State Bar of Georgia CLE Recertification Credits
 
0.00 State Bar of Georgia CLE Recertification Credit(s).
 
State Bar of Georgia CLE Ethics Recertification credits
 
0.00 State Bar of Georgia CLE Ethics Recertification credit(s).
 
FL CE 2-20 Credits
 
6.00 FL CE 2-20 Credit(s).
 
Unlimited 1 Year Access
 
The Human Equation's courses may be accessed and reviewed as many times as you wish even after completion.
 
90 Days Money Back Guarantee
 
The course must not be completed.
 
Friendly and Knowledgeable Customer Service
 
M-F from 8:00am to 4:30pm.
 
Table of Contents
 
Allows you to jump directly to slides and chapters that you have already viewed.
 
Pictures/Illustrations
 
91 pictures/illustrations.
 
Interactive Learning Activities
 
37 interactive learning activities.
 
Audio Narration
 
0 audio narrations.
 
Supporting Documents
 
3 supporting documents.
 
Case laws
 
4 case laws.
 
Definitions
 
24 definitions.
 
Questions and Answers
 
8 questions and answers.
 
Video Clips
 
0 video clips.
 
Practice Quiz
 
0 practice true or false questions and 0 practice multiple choice questions.
 
Scored Exam
 
0 exam true or false questions and 35 exam multiple choice questions.
 
Printable Certificate
 
The certificate contains your name, completion date, and the certification organization's ID which you will need to claim your credit(s).
 
Customizable Settings
 
Adjustable font sizes and sounds.
 
Automatic Bookmarking
 
Simply close the course when you are done and it will reopen on the last visited page on your next session.
(To see if you have the necessary technical requirements, visit our browser detection page.)

Training Manager Benefits

Managers and supervisors who purchase The Human Equation's courses to train their employees will enjoy:

 Learning Management System FeaturesIncludedComments
 
Convenient User Creation and Management
 
Hierarchy-tree based management
 
Reporting
 
Downloadable spreadsheets.
 
Course Scheduling
 
Customizable start dates and due dates.
 
Automated Email Reminders
 
Due date reminders.
 
Convenient Course Assignments
 
Single or multiple user course assignments.
 
Customized Learning Environment
 
The Human Equation's Learning Management System is customizable to match your organization's look and feel.
 
Enterprise Discounts
 
Significant wholesale discounts available for enterprises.
Product tags