
HIPAA Refresher for Medical Office Staff
HAVE QUESTIONS?
Toll Free
1-888-362-2288
9AM - 5PM CST (M-F)
Faculty: Becca Kalivas, RN, MS
Successful Completion: Complete entire module, complete the exam with a passing score of 80% or better, and complete the evaluation form.
Estimated Time to Complete Activity: 60 minutes.
CEUs: HIPAA Exams is authorized by IACET to offer 0.1 CEUs for this program. CEU Information
Free Certification of Completion available instantly for download or printing upon successful completion.
Overview
This refresher course is specific for Medical Office Staff personal who do not directly provide medical treatment to patients. This course covers the fundamentals of the HIPAA Privacy Rule, the HIPAA Security Rule, and the Enforcement Rule in case of HIPAA violations. This course should only be completed if you've completed our HIPAA for Medical Office Staff course previosuly. HIPAA training is required yearly to meet HIPAA compliance.
Includes 2021/2022 Updates - ONC 21st Cures Act Final Rule and the CMS Final Rule
Course includes a video and audio component with stand-alone exam
Receive HIPAA Certification "Certificate of Completion" with successful completion
Learning Objectives
- Describe the purpose of HIPAA legislation
- Explain the changes implemented by the Omnibus Final Rule
- Identify the key elements of the Privacy, Security, and Enforcement Rule
- Explain the process for Breach Notification
- Illustrate how HIPAA affects his/her role in a Medical Office setting
Target Audience
This refresher course is specific for Medical Office Staff personal who do not directly provide medical treatment to patients, such as front desk, messaging services, billing specialists, janitorial staff, etc. This course should only be completed if you've completed our HIPAA for Medical Office Staff course previosuly.
Table of Contents
HIPAA Refresher for Medical Office Staff
(HIPAA Privacy, Security, and Enforcement Training)
Table of Contents:
- HIPAA Refresher for Healthcare Workers
- Legal Notice
- Objectives
- HIPAA: Why Do I Need a Refresher?
- Who Must Abide by HIPAA?
- HIPAA Privacy Rule
- "Minimum Necessary" Principal
- Permitted Use and Disclosure of PHI
- Incidental Use and Disclosure of PHI
- Authorized Use and Disclosure of PHI
- Notice of Privacy Practices
- Individual Rights Under the Privacy Rule
- ONC Cures Act Final Rule - 2021/2022 Update
- CMS Final Rule - 2021/2022 Update
- Ensuring Privacy Rule Compliance
- Additional Privacy Rule Considerations
- HIPAA Privacy Rule Scenarios
- HIPAA Security Rule
- Safeguards in Daily Practice
- HIPAA Security Rule Scenario
- HIPAA Breach Notification
- What if a Breach is Discovered?
- HIPAA Enforcement Rule
- HIPAA Enforcement Rule Penalties
- Real Life Examples of HIPAA Breach and Violations
- Recent Updates to HIPAA
- HIPAA Compliance Checklist
- End of Course Exam
Course Content Example 1:
Notice of Privacy Practices
Your office is required to provide a Notice of Privacy Practices. These must:
- Describe the ways PHI may be used and disclosed
- State your office's duty to protect privacy
- Describe individuals' rights, including the right to complain if they believe privacy rights have been violated
- Provide a point of contact for further information and for making complaints
Since the Final Rule, Notice of Privacy Practices must also include statements:
- Indicating that individual authorization is required for most users and disclosures of PHI regarding psychotherapy notes, for marketing purposes, and for the sale of PHI
- Informing that authorization is required for any uses and disclosures of PHI not mentioned in the Notice
- Indicating the right to opt out of fundraising communications
- Indicating the right to restrict disclosure of PHI when paying out of pocket
- Indicating a right to be notified of a breach of their PHI
Course Content Example 2:
Things to Consider within the Medical Office
Make sure your policies and procedures are up-to-date and working effectively
- Do they account for new technology developments, social media, and email use, ect?
- Perform a thorough and documented risk analysis to determine if there are ways ePHI could be compromised
- Find ways to correct any areas of concern
- Do not share computer passwords to make them too easy
- Always log off computers when you are done
- Make sure ePHI is encrypted before sending it electronically
- Keep a record of all mobile devices, such as laptops, tables and cell phones that contain ePHI. Track when they leave the office
Features
Download Certificate of Completion Immediately
3 Attempts to Pass Your Exam
Instant Access: 100% Online - Access 24/7 from Anywhere
No Recurring Fees