DOCTOR WILSON: Hi Jenny.
PRIVACY OFFICER JENNY: Hi!
DOCTOR WILSON: It looks like you’ve been really busy.
PRIVACY OFFICER JENNY: Yes.
DOCTOR WILSON: Was wondering if you found those policies and procedures yet.
PRIVACY OFFICER JENNY: I am still looking through all of this for our book of evidence. I really thought we had one.
DOCTOR WILSON: What if we don’t have one? What do we do?
PRIVACY OFFICER JENNY: I will need to call our compliance partner, since they will have a copy, and I will need to ask “when was our last assessment?”
DOCTOR WILSON: I’m really nervous about this because a previous colleague of mine went through a data breach. It was a complete nightmare for them. I don’t want to go through what they went through.
PRIVACY OFFICER JENNY: Please don’t worry. I will make this call to the compliance partner now.
DOCTOR WILSON: I appreciate that, thank you.
It is a requirement to not only have annual HIPAA compliance training for you and your staff but also a risk assessment and a book of evidence that outlines your practice or business policies and procedures. Now we are going to review how you can be an effective Privacy Officer, Compliance Officer, and a trusted Business Associate. In this Leadership Course, you will learn why a Risk Assessment is required, what is the HITECH Regulation of 2009, and the Omnibus Rule of 2013. We will also cover the importance of customized policies and procedures to create your Book of Evidence, and why a business associate agreement is required. We will also review the types of violations we see in the industry today, and why you as the compliance or privacy officer are key to winning with compliance. We will also review how to handle a complaint and an audit from the Office of Civil Rights or Attorneys. The course objective is to train you how to properly handle PHI, ePHI, and a data breach. Thank you for choosing ProHIPAA! Let’s get started.
Welcome to the ProHIPAA for Leaders course. If you've just taken the General HIPAA course, you likely have a solid foundation on HIPAA already. In this introductory lesson, we'll be going over what you can expect to learn in this course and what your course objective will be. And at the end of the lesson, we'll provide you with a Word about HIPAA Privacy Officers and HIPAA Security Officers.
If your business or organization is in the healthcare industry and works as a covered entity or business associate, you're required to have annual HIPAA compliance training for you and your staff. You're also required to conduct periodic risk assessments and have a Book of Evidence on hand that outlines your practice or organization's policies and procedures.
In the course, you'll learn about what it takes to be an effective privacy officer, compliance officer, and trusted business associate.
In your ProHIPAA for Leaders course, you'll learn the following:
The objective of ProHIPAA for Leaders is to train you on how to properly handle PHI, ePHI, and a data breach or, better yet, how to reduce your chances of a data breach.
If you just completed the General HIPAA course at ProHIPAA, you may recall some additional information on the duties of a HIPAA Compliance Officer. You might also remember how those duties can be handled by one person or shared – in smaller organizations and businesses – with the person (or people) responsible for privacy and security duties.
In this Word, we're going to look at duties for both HIPAA Privacy Officers and HIPAA Security Officers for larger businesses and organizations that have one or more people in each of those positions.
A HIPAA Privacy Officer is responsible for developing a privacy program that is HIPAA compliant if one doesn't already exist. Or, if your business already has a privacy program in place, a privacy officer is in charge of ensuring that all privacy policies to protect the integrity of PHI are enforced.
Among the duties of a HIPAA Privacy Officer are:
In order to fulfill the duties of a HIPAA Privacy Officer, the appointed person will have to keep up to date with relevant state and federal laws.
The duties of a HIPAA Security Officer are quite similar to those of a privacy officer, but with a security focus rather than privacy. The appointed person will be responsible for:
However, the focus of a HIPAA Security Officer is compliance with the Administrative, Physical, and Technical Safeguards of the Security Rule.
In this respect, the duties of a HIPAA Security Officer can include such diverse topics as the development of a Disaster Recovery Plan, the mechanisms in place to prevent unauthorized access to PHI, and how ePHI is transmitted and stored.
Due to how similar these duties are, the roles of a HIPAA Privacy Officer and HIPAA Security Officer are often performed by the same person in smaller organizations and businesses. And in even smaller businesses, one person could be in charge of handling the duties of a HIPAA Compliance Officer as well.