LII:HIPAA Compliance - LII 007 00. Course Introduction

From LIMSWiki
Revision as of 15:52, 15 June 2016 by Avaughan (talk | contribs)
Jump to navigationJump to search

Reason for the Course and Scope

In the U.S. healthcare industry there are two main regulatory laws: CLIA (Clinical Laboratory Improvement Amendments of 1988) and HIPAA (Health Information Portability and Accountability Act of 1996). The first is aimed at clinical laboratories and the second applies to the vast majority of healthcare settings (the exact specifications are described in Lesson 2, LII:HIPAA Compliance - LII 007 02. Who Needs to Comply?). This course is aimed at providing those required to comply with HIPAA some accurate and useful training. Indeed, HIPAA training is mandated in the law itself. This from the U.S. Department of Health and Human Services (HHS):

Workforce Training and Management. Workforce members include employees, volunteers, trainees, and may also include other persons whose conduct is under the direct control of the [covered] entity (whether or not they are paid by the entity).[1] A covered entity must train all workforce members on its privacy policies and procedures, as necessary and appropriate for them to carry out their functions.[2] A covered entity must have and apply appropriate sanctions against workforce members who violate its privacy policies and procedures or the Privacy Rule.

Anyone involved in healthcare has probably already realized that while their own entity's policies and procedures may well be in compliance, there is still a great deal of misunderstanding out there regarding HIPAA, as well as a general lack of knowledge of it beyond those measures that are in place where they happen to work. And it is also a matter of concern that we have encountered an alarming number of courses purporting to provide an acceptable level of training that prove to be significantly lacking in scope, clarity and in some cases accuracy.

This course is designed to provide a substantive, reasonably comprehensive understanding of all of the aspects of HIPAA that have bearing on most healthcare industry professionals. It is based almost completely on first-hand materials from the U.S. Department of Health and Human Services and the actual Health Information and Portability Act of 1996 (HIPAA) law itself, rather than relying on tertiary interpretations and paraphrasing - although several other of these were taken into account to gather and present the fullest comprehension of the materials and their relevance for the Covered Entities it affects. However, it does not and cannot provide every detail for all scenarios. Therefore, citations of source materials are provided, along with links to resources for further research.

Goals of This Course

Meet requirement for HIPAA training as described above.

How it is put together and how it works

  1. "45 C.F.R. §160.103. (2013 HIPAA Omnibus Rule)". U.S. Department of Health and Human Services. https://www.gpo.gov/fdsys/pkg/CFR-2007-title45-vol1/pdf/CFR-2007-title45-vol1-sec160-103.pdf. Retrieved 15 June 2016. 
  2. "45 C.F.R. §164.530 Administrative Requirements". U.S. Department of Health and Human Services. http://www.ecfr.gov/cgi-bin/text-idx?SID=28d0e67c8c8eed49253d4940e6a7d2e0&mc=true&node=se45.1.164_1530&rgn=div8. Retrieved 15 June 2016. 
Retrieved from "https://www.limswiki.org/index.php?title=LII:HIPAA_Compliance_-_LII_007_00._Course_Introduction&oldid=25838"