Skip Navigation or Skip to Content

Advanced Technology College

Print Course information
Email me when offered
Return to Course Catalog

Course Catalog > Instructor Led Prof. Excellence Workshop

HIPAA Compliance   

Learn how to comply with the duties, rights, and responsibilities of HIPAA, ARRA & HITECH.

Are you a health care professional or considering a career in the health care industry, or do you provide services to a health care organization? If the answer to any of these questions is yes, then it is mandatory that you understand the compliance requirements of HIPAA, and subsequent rules and laws that affect HIPAA. These laws require all health care professionals to take careful steps to protect sensitive health information. In this course you will examine the compliance process. You will focus specifically on the Administrative Simplification portion of HIPAA. This course will give real world examples to explain the Privacy rule. You will examine what is meant by covered entities, business associates, and many other relationships within the health care industry impacted by HIPAA. You will understand how computers fit into the Security Rule and examine many types of safeguards, which are crucial components of the Security Rule. You will also learn about the Office for Civil Rights, HIPAA's watchdog organization.

By the time you finish this course, you will be confident and capable of implementing HIPAA's Administrative Simplification rules, and the laws impacting it, in your own organization. If you are just starting your career in the health care field, you will have a priceless addition to your resume.


Hardware Requirements:

  • This course can be taken on either a PC, Mac, or Chromebook.

Software Requirements:

  • PC: Windows 8 or later.
  • Mac: macOS 10.6 or later.
  • Browser: The latest version of Google Chrome or Mozilla Firefox are preferred. Microsoft Edge and Safari are also compatible.
  • Adobe Acrobat Reader.
  • Software must be installed and fully operational before the course begins.


  • Email capabilities and access to a personal email account.

Instructional Material Requirements:

The instructional materials required for this course are included in enrollment and will be available online.

If you are just starting your career in the health care field, HIPAA Compliance training is a priceless addition to your resume. This course provides an understanding of the compliance requirements of HIPAA, and subsequent rules and laws that affect HIPAA.

Introduction to HIPAA

The first lesson will lay out the foundation of HIPAA so that you'll understand the motivation behind the law. It will focus specifically on the Administrative Simplification portion of HIPAA and give you a good idea of its goals. As with any law, noncompliance comes at a price, so you'll also take a look at the penalties involved for anyone who ignores HIPAA's requirements.

HIPAA's Major Players: Covered Entities, Business Associates, and Related Organizations

Are you interested in working in a medical or dental office, an insurance company, or a government agency like the Centers for Medicare and Medicaid Services or the Department of Health and Human Services? All of these organizations are subject to HIPAA, and all of them have to work together. In this lesson, you'll learn which groups must comply with HIPAA's rules and standards as they gather and transmit health-related information. By the time you're done with this lesson, you'll know the difference between a covered entity, a business associate, and a trading partner.

Transactions, Code Sets, and Identifiers

It's time to put your newfound lingo to use. The overriding goal of HIPAA is to protect personal health information. In this lesson, you'll identify the 12 types of electronic transactions that HIPAA covers. You'll also take a peek at the code sets and identifiers used in these transactions. Transactions, code sets, and identifiers are key to your understanding of HIPAA, and this lesson will put those pieces of the puzzle together.

Introduction to the Privacy Rule

What happens if you or your employer violates the Privacy Rule? Could a court fine you or even send you to jail? What if the privacy breach was unintentional, and you tried to fix it as soon as you found out? Would that have any effect on your punishment? In this lesson, you'll answer these questions and many others as you delve into the administrative requirements of the Privacy Rule. You'll find out about civil and criminal penalties for noncompliance and wrongful disclosure of protected health information.

Use and Disclosure of Protected Health Information

Now that you understand the Privacy Rule, you'll take the next step and delve into the requirements for using and disclosing protected health information (PHI). HIPAA has two types of disclosures: required and permitted. At the end of this lesson, you'll understand the difference between the two. Another concept that figures heavily into the entire HIPAA picture is minimum necessary. You'll see how this concept fits neatly into the issue of PHI disclosures.

Patient Rights

Under HIPAA, patients have seven fundamental privacy rights. You'll examine those rights in this lesson and find out what procedures HIPAA requires to ensure that patients can access their own medical information and control how others disclose that information. You'll also see how state laws can expand on HIPAA's provisions.

Introduction to the Security Rule

The Security Rule is the companion to HIPAA's Privacy Rule. In this lesson, you'll turn your attention to the concept of information security. Security has its own key terms, and you'll spend some time on them so that you'll be familiar with their meanings. If you don't know the difference between a hacker and a spoofer, you will by the time this lesson is done! The lesson will also address the various threats that can exist when you electronically handle and transmit protected health information.

Risk Management and the Security Rule Standards

How common are security breaches in the real world, and what effects can they have? As you continue to investigate HIPAA's Security Rule, you'll explore its fundamental approach to addressing security. You'll examine the philosophy and principles behind the Security Rule, then go over the standards for implementation and learn which ones are required and which are simply addressable. You'll also examine the frequency and costs of some real-life security breaches, which will help you understand why effective security practices matter so much.

Administrative Safeguards

The Security Rule covers three major areas: administrative safeguards, physical safeguards, and technical safeguards. By the end of this lesson, you'll understand what administrative safeguards are and how they could affect you at your job.

Physical and Technical Safeguards

Continuing the journey into HIPAA's Security Rule, in this lesson, you'll examine the philosophy and principles behind the Security Rule. You'll go over the standards for implementation and learn which ones are required and which are simply addressable. You'll also take a look at some real-life security breaches, which should emphasize the need for good security practices.

Compliance, Rules, and Agreements

The previous lessons emphasized how important it is for your organization to comply with HIPAA, but what if one of your business associates fails to comply and leaves your patients' data exposed? In recent years, the federal government has tightened up rules related to business associates and security breaches. In this lesson, you'll explore the rules and laws about compliance and business associates. By the time you're done, you'll understand the basics of a business associate agreement.

HIPAA: Wrapping It Up!

When it's time to begin creating your own policies and procedures to implement HIPAA, it helps to have a framework to follow. That's what this lesson will give you: a description of the most common frameworks available so that you can choose the one that best suits your organization. You'll also look at some healthcare trends so that you'll have an idea of what the future holds for HIPAA.

What you will learn

  • Learn about the Administrative Simplification portion of HIPAA
  • Learn about transactions, code sets, and identifiers, which are all key elements in the HIPAA-mandated electronic health care transmissions
  • Discover the Privacy Rule, which governs patient rights and disclosure of protected health information
  • Learn how computers fit into the Security Rule
  • Learn about administrative safeguards, physical safeguards, technical safeguards, and policy and procedure creation
  • Learn about the civil and criminal penalties for non-compliance

How you will benefit

  • Understand and comply with the requirements of HIPAA
  • Know how to best protect patient confidentiality
  • Gain a priceless addition to your healthcare resume

Carline Dalgleish

Carline Dalgleish has worked in medical office administration for over 30 years. She holds a bachelor's degree in Business Information Systems, a master's degree in Leadership, and a post-baccalaureate certificate in Health Information Management. She is a Registered Health Information Administrator and an AHIMA Approved ICD-10-CM/PCS Trainer. Dalgleish is the author of an ICD-10 coding system and also owns her own consulting firm, AnnGrant Educational Services.


Some Title