HIPAA for Covered Entities

Learning objectives


  • Describe the evolution, importance, and scope of HIPAA

  • Explain where PHI is located, how you may use it, and when you may disclose it

  • Define electronic PHI (ePHI), and list some techniques that you and your employer may use to secure PHI, in all its forms, from unauthorized access

  • Explain the types of HIPAA violations, the potential penalties for violations, and the process for issuing breach notifications


Course overview


The HIPAA Privacy Rule and Administrative Simplification rules, apply to covered entities. Covered entities are defined as health plans, healthcare clearinghouses, and any healthcare provider who transmits health record information in electronic form.


Types of Covered Entities


Health Plans


  • Providers, or entities that pay for the cost of medical care such as health, dental, vision, and prescription drug insurers.

  • HMOs, Medicare, Medicaid, Medicare+Choice and Medicare supplement insurers.

  • Long-term care insurers.

  • Employer-sponsored group health plans, government and church-sponsored health plans, and multi-employer health plans.


Healthcare Providers


Every healthcare provider, regardless of size, who electronically transmits health record information in connection with certain transactions, including institutional providers such as hospitals and non-institutional providers such as physicians, dentists and other practitioners.


Healthcare Clearinghouses


These entities process nonstandard information received from another entity into a standard format or data content. They include billing services, repricing companies, community health management information systems, and value-added networks.


Not A Covered Entity


  • A group health plan with less than 50 participants managed solely by the employer.

  • Government funded health plan programs such as Food Stamps, a community health center, healthcare grant providers.

  • Insurance entities providing only workers’ compensation, automobile insurance, and property and casualty insurance.


Failure to Comply with HIPAA Privacy Rule


Covered entities that fail to comply voluntarily with the standards may be subject to civil money penalties. In addition, certain violations of the Privacy Rule may be subject to criminal prosecution.


Civil Money Penalties


Penalties will vary significantly depending on factors such as the date of the violation, whether the covered entity knew or should have known of the failure to comply, or whether the covered entity’s failure to comply was due to willful neglect.


  • Violations occuring before February 18th, 2009 - Up to $100 per violation, with a $25,000 calendar year cap

  • Violations occuring after February 18th, 2009 - $100 to $50,000 or more per violation, with a $1,500,000 calendar year cap


Criminal Penalties


A person who knowingly obtains or discloses individually identifiable health information in violation of the Privacy Rule may face a criminal penalty of up to


  • $50,000 and up to one-year imprisonment.

  • $100,000 and up to five years imprisonment if it involves false pretenses

  • $250,000 and up to 10 years imprisonment if it involves the intent to sell, transfer, or use identifiable health information for commercial advantage, personal gain or malicious harm

Language Offered In.png

English

Course Time.png

30 min

Course Outline

Course Outline

  • HIPPA Basics

  • PHI Privacy

  • PHI Security

  • HIPAA Violation Responses

Regulations

Regulations

  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)

  • 45 CFR Part 160 - Privacy Rule

  • 45 CFR Part 164 Subparts A and E - Privacy Rule

  • 45 CFR Part 160 and Part 164 Subparts A and C - Security Rule

  • 45 CFR Part 164 Subpart D - HIPAA Breach Notification Rule

  • US Department of Health and Human Services (HHS), HIPAA for Professionals, Summary of the HIPAA Privacy Rule

  • US Department of Health and Human Services (HHS), HIPAA for Professionals, Uses and Disclosures for Treatment, Payment, and Health Care Operations

  • US Department of Health and Human Services (HHS), HIPAA for Professionals, Breach Reporting

  • HIPAA Journal, What Is Considered Protected Health Information Under HIPAA, April 2018

  • HIPAA Journal, HIPAA Compliance Checklist 2018 - 2019

  • HIPAA Journal, What Are the Penalties for HIPAA Violations, June 24, 2015

  • HIPAA One, 7 Ways Employees Can Help Prevent HIPAA Violations, March 8, 2015

CURRENT LIBRARY

Click to view other courses in this Library:

Load More >

OTHER LIBRARIES

LIBRARY GROUPS

Overview
Pricing
Reviews
Provider Info

Compliance Plus is a group of libraries that gives you the flexibility to assign your workforce any number of the 285 plus courses listed. This includes all courses from the Occupational Safety & Health, Environmental Management, Human Resources, Transportation, Canadian Safety & Health, Higher Education, Healthcare, and Training Shorts Libraries for one low price!

You can purchase this course in the following ways:

Need Help?

Contact us

800.770.7767

info@SafetyU.com

Library Group Level

Click here to add your own content, or connect to data from your collections.

Priced from:

$550/mo.

Monthly or Annual

See Options
See Plans

Features

Additional Features

See Plans

load more

Course Reviews

+ Add Review
Reviews
3.0
150 Product ratings
98% would recommend

This Solution is provided by: 
ESSG
Market Partner.png
ESSG App/Gig Partner
ESSG App/Gig Partner
Support info
Support Email.png
Website.png
Provider Website
SafetyU-logo-train-online-900-black.png
1.800.770.7767