HIPAA (Health Insurance Portability Accountability Act of 1996)

Welcome to Homestead School’s Internet course.  Please use the navigation bar on the left hand side to move between sections.

  1. Introduction brings you to this page.
  2. Copyright will display the legal information about this course and its provider.
  3. Introduction will take them to the page that I’ve re-written.
  4. CE Credit gives you the instruction on how to complete this course and earn the CE credit.
  5. Learning Objectives are spelled out here for this course.
  6. Contents gives you an overview of the course.
  7. Text is broken into several chapters and you should be able to go back and forth among these chapters.
  8. Post-Test consists of several true/false or multiple-choice questions which you must answer.  The passing score is 70%.  The test is graded interactively, so you’ll know your score at the end.
  9. Course Evaluation We’d like you to complete the course evaluation as it allows us to improve our offerings.  We value highly your comments.
  10. If you’ve any questions, please use Contact Us.

If you would prefer, you can print each section, read the course off-line, and then return and take the quiz on the Internet. To print the course, click on the Text, click on the center frame, then click file/print/ok. Repeat this process for each section listed under contents on the left hand side. Please be advised that the Text section is large, anywhere from 100 to several pages depending upon the course.


Student Course Evaluation Form

We constantly strive to improve the quality and usefulness of our Internet study courses toward your continuing education. We ask that you fill out this questionnaire as part of the course assignment. This will allow us to monitor the quality of our program and make it responsive to your needs.

Information

Please provide the following contact information:

  • Category: HIPAA (Health Insurance Portability Accountability Act of 1996)
  • Evaluation of the learning experiences provided by the Internet study course completed: (Check one letter: A = Excellent, B = Good, C = Fair, D = Unsatisfactory)
  • 6. Your assessment of course content:
  • hours
  • Are there other subjects areas that would interest you.

Learning Objectives

After completion of the course you’ll be able to:

Privacy Rule: General Topics

  1. List 5 things that the HIPAA Privacy Rule requires the average provider or health plan to do.
  2. Describe how the HIPAA Privacy Rule protects individuals’ medical records and other personal health information.

Covered Entities

  1. Explain which entities are covered by the Privacy Rule by following decision trees.

Business Associate

  1. Define business associate, provide several examples of business associates, and frame a business associate contract.

Permitted Uses and Disclosures

  1. Discuss six permitted uses and disclosures of protected health information.

Minimum Necessary

  1. Define the HIPAA Privacy Rule’s minimum necessary standard and its application in the use and disclosure of protected health information.

Right to Access Medical Records

  1. Explain the right of access to the protected health information afforded to patients under the HIPAA Privacy Rule.

Right to Amend Medical Records

  1. Explain the right to amend the protected health information afforded to patients under the HIPAA Privacy Rule.

Right to Accounting Disclosures

  1. Explain the right to an accounting of disclosures of protected health information afforded to patients under the HIPAA Privacy Rule.

Incidental Uses and Disclosures

  1. Discuss various situations where incidental uses and disclosures of protected health information are permitted under the Privacy Rule.
  2. Provide examples of reasonable safeguards a covered entity must implement to limit incidental, and avoid prohibited, uses and disclosures of protected health information.

Public Health Uses and Disclosures

  1. Explain how a covered entity can disclose protected health information to a public health authority and comply with the requirement to provide individuals with an accounting for disclosures.

Marketing Uses and Disclosures

  1. Define marketing and distinguish between what is marketing and what is not marketing under the HIPAA Privacy Rule.
  2. Discuss situations when an authorization is required from the patient before a provider or health plan can engage in marketing to that individual.
  3. Distinguish between activities for treatment or health care operations versus marketing activities.
  4. Identify two circumstances when a patient’s prior authorization is required for the use and disclosure of protected health information for marketing.

Workers’ Compensation

  1. Discuss how the Privacy Rule works with respect to disclosures for workers’ compensation.

Limited Data Set

  1. Discuss the requirement of limited data set.
  2. Discuss the use and disclosure of limited data set to a business associate under the HIPAA Privacy Rule.

Notice of Privacy Practices

  1. Discuss the right provided by the Privacy Rule to individuals to receive a notice of privacy practices for protected health information, and specify the content of the notice.
  2. Identify three entities who are not required to develop a notice of privacy practices.

Personal Rep/Parents and Minors

  1. Identify individuals and circumstances under which these individuals can have access to protected health information of minors or other individuals.

Research Uses and Disclosures

  1. Explain the application of HIPAA Privacy Rule in research uses and disclosures of protected health information.

Administrative Simplification

  1. Discuss the implementation of administrative simplification requirements by HHS.

Learning Objectives

  1. Protecting the Privacy of Patient’s Health Information
    • Overview
    • Patient Protections
    • Health Plans and Providers
    • Outreach and Enforcement
  2. Summary of the HIPAA Privacy Rule
    • Introduction
    • Statutory & Regulatory Background
    • Who Is Covered by The Privacy Rule
    • Definitions
    • Business Associates
    • What Information Is Protected
    • General Principle for Uses and Disclosures
    • Permitted Uses and Disclosures
    • Authorized Uses and Disclosures
    • Limiting Uses and Disclosures to the Minimum Necessary
    • Notice and Other Individual Rights
    • Administrative Requirements
    • Organizational Options
    • Other Provisions: Personal Representatives and Minors’ Personal Representatives
    • State Law
    • Enforcement and Penalties for Noncompliance
    • Compliance Dates
    • Copies of the Rule & Related Materials
    • Incidental Uses and Disclosures
    • Minimum Necessary
    • Personal Representatives
    • Business Associates
    • Uses and Disclosures for Treatment, Payment, and Health Care Operations
    • Marketing
    • Disclosures For Public Health Activities
    • Research
    • Disclosures For Workers’ Compensation Purposes
    • Notice of Privacy Practice For Protected Health Information
    • Restrictions on Government Access to Health Information
  3. Implementation of Administrative Simplification Requirements by HHS
      • Overview
    • Implementation Plan
    • Standards Adoption Process
    • Public and Private Sector Input into the Standards Development Process
    • Implementation Schedule
      • Understanding CMS’s Compliance Policy
      • What Is a Contingency Plan?
      • Steps For Contingency Planning
      • Health Plan Responsibilities
      • Review Your Good Faith Efforts to Comply
  4. Security Standard
    • General Approach
    • Specific Requirements
    • Guidance on Compliance with HIPAA Transactions and Code Sets After the October 16, 2003 ImplementationDeadline
      • Enforcement Approach
      • Working Toward Compliance
    • HIPAA Administrative Simplification Compliance Act (ASCA)
    • Electronic Transaction Standards
    • Code Set Standards
      • What Is a Code Set
      • What Code Sets Have Been Adopted as HIPAA Standards?
  5. FAQ About HIPAA
    • HIPAA: In General
    • Privacy Rule: General Topics
    • Protected Health Information
    • Preemption of State Law
    • Covered Entities
    • Compliance Dates
    • Minimum Necessary
    • Business Associates
    • Treatment/Payment/Health Care Operations
    • Right to Access Medical Records
    • Complaints
    • Right to an Accounting of Disclosures
    • Incidental Uses and Disclosures
    • Public Health Uses and Disclosures
    • Facility Directories
    • Disclosure to Family and Friends
    • Disclosures Required by Law
    • Disclosures for Rule Enforcement
    • Disclosures for Law Enforcement Purposes
    • Authorizations
    • Marketing Uses and Disclosures
    • Workers’ Compensation Disclosures
    • Notice of Privacy Practices
    • Personal Reps/Parents and Minors
    • Limited Data Set
    • Research Uses and Disclosures
    • Transition Provision

Appendix A: Notice of Privacy Practices

Appendix B: Sample Business Associate Contract

Appendix C: How to File a Health Information Privacy Complaint With the Office For Civil Rights



Contact Us