HIPAA for Medical Office Staff
Price Per Person
|$ Call for $|
7 AM - 8 PM MST (M-F)
Faculty: Becca Kalivas, RN, MS
Successful Completion: Complete entire module, complete the exam with a passing score of 80% or better, and complete the evaluation form.
Estimated Time to Complete Activity: 90 minutes.
CEUs: HIPAA Exams is authorized by IACET to offer 0.2 CEUs for this program. CEU Information
Free Certification of Completion available instantly for download or printing upon successful completion.
This course is specific for Medical Office Staff personal who do not directly provide medical treatment to patients. This course covers the fundamentals of the HIPAA Privacy Rule, the HIPAA Security Rule, and the Enforcement Rule in case of HIPAA violations.
Includes 2021/2022 Updates - ONC 21st Cures Act Final Rule and the CMS Final Rule
Course includes a video and audio componentwith stand-alone exam
Receive HIPAA Certification "Certificate of Completion" with successful completion
How to Purchase
To enroll in this course, simply add the number of users you need below and ADD TO CART. Follow the steps for CHECKOUT which will include registering your account.
This demo video is a small example of this course’s content, it is not representative of the full course and the level of engagement required.
- Describe the purpose of HIPAA legislation - i.e. HIPAA law
- Explain the changes implemented by the Omnibus Final Rule
- Identify the key elements of the Privacy, Security, and Enforcement Rule
- Explain the process for Breach Notification
- Illustrate how HIPAA affects his/her role in a Medical Office setting
This course is specific for Medical Office Staff personal who do not directly provide medical treatment to patients, such as front desk, messaging services, billing specialists, janitorial staff, etc.
Table of Contents
HIPAA for Medical Office Staff
(HIPAA Privacy, Security, and Enforcement Training)
Table of Contents:
- HIPAA for Medical Office Staff
- Legal Notice
- Purpose of Course
- What is HIPAA?
- What is Portability?
- What is Accountability?
- HITECH and Omnibus Final Rule
- Who Must Abide by HIPAA Rules?
- HIPAA Covered Entity
- Business Associates
- Expanded Definition of Business Associate
- Business Associate Agreement
- Things to Consider within an Office
- HIPAA Privacy Rule
- Permitted Use and Disclosure of PHI
- Authorized Use and Disclosure of PHI
- Incidental Use and Disclosure of PHI
- “Minimum Necessary” Principal
- Notice of Privacy Practices
- Individual Access to PHI
- ONC Cures Act Final Rule - 2021/2022 Update
- CMS Final Rule - 2021/2022 Update
- More Individual Rights Under the Privacy Rule
- Administrative Requirements for Privacy Rule Compliance
- State Law and the Privacy Rule
- Personal Representatives and Minors Under the Privacy Rule
- Privacy Rule and Decedents
- Privacy Rule and Student Disclosures
- Additional Privacy Considerations within the Office
- HIPAA Security Rule
- What Security Measures Must be Used?
- Administrative Safeguards
- Physical Safeguards
- Technical Safeguards
- Privacy and Security for Mobile Devices
- Transaction and Code Set Standards
- Unique Identifiers Rule
- HIPAA Breach Notification
- Breach Notification and Risk Assessment
- Breach Notification Rule – Exceptions
- Breach Notification Rule and Unsecured PHI
- Breach Notification Requirements – Media
- Breach Notification Requirements – Individual
- Breach Notification Requirements – Secretary
- Burden of Proof for Breach Notification
- Real Life HIPAA Violations and Breaches
- HIPAA Enforcement Rule
- Enforcement Rule and Civil Money Penalties
- Defenses and Waivers for CMP
- Recent Updates to HIPAA – Opioid Crisis
- Recent Updates to HIPAA – Cloud Computing
- End of Course Exam
Course Content Example 1:
Notice of Privacy Practices
Your office is required to provide a Notice of Privacy Practices. These must:
- Describe the ways PHI may be used and disclosed
- State your office’s duty to protect privacy
- Describe individuals’ rights, including the right to complain if they believe privacy rights have been violated
- Provide a point of contact for further information and for making complaints
Since the Final Rule, Notice of Privacy Practices must also include statements:
- Indicating that individual authorization is required for most users and disclosures of PHI regarding psychotherapy notes, for marketing purposes, and for the sale of PHI
- Informing that authorization is required for any uses and disclosures of PHI not mentioned in the Notice
- Indicating the right to opt out of fundraising communications
- Indicating the right to restrict disclosure of PHI when paying out of pocket
- Indicating a right to be notified of a breach of their PHI
Course Content Example 2:
Things to Consider within the Medical Office
Make sure your policies and procedures are up-to-date and working effectively
- Do they account for new technology developments, social media, and email use, ect?
- Perform a thorough and documented risk analysis to determine if there are ways ePHI could be compromised
- Find ways to correct any areas of concern
- Do not share computer passwords to make them too easy
- Always log off computers when you are done
- Make sure ePHI is encrypted before sending it electronically
- Keep a record of all mobile devices, such as laptops, tables and cell phones that contain ePHI. Track when they leave the office
Instant Certificate Of Completion Printing Upon Successful Completion Of HIPAA for Medical Office Staff
Free Retakes on Exam Until You Pass
Instant Access: 100% Online - Access 24/7 from Anywhere
No Recurring Fees
Train Anywhere, Anytime
Courses can be accessed from any internet device at anytime.