As health information is digitized and stored in electronic records, this transformation poses novel challenges for the protection of our personal health information. This course will focus on the federal law that is designed to protect the privacy and security of health information - the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The course will cover among other topics: the entities and information to which HIPAA applies; when consent is required for use and disclosure of health information; the types of health information requiring heightened protection; use of health information for research and marketing; security measures required to protect digitized health information; individuals’ right to access their health information; business association agreements; and the enforcement and compliance with HIPAA’s requirements.
Upon completion of this course, you will be able to:
- Identify which entities are regulated under HIPAA and what information HIPAA applies to
- Explain when is consent required under the Privacy Rule and decide whether a given situation requires oral agreement or written authorization
- Articulate the individual rights required under the Privacy Rule
- Explain the administrative, physical and technical safeguards required under Security Rule
- Articulate the potential enforcement methods and outcomes and the requirements for breach notification
- Critique the regulatory choices made under HIPAA
- Recognize situations in which professional advice is necessary and communicate effectively with professional legal counsel and other employees
The HIPAA Privacy & Security course can be completed in just 8 weeks. Coursework must be completed in the sequence in which it is offered. You should plan to spend about 6-8 hours per week on online coursework, including reading assignments, research and writing projects, and online discussions.