This course covers information security topics related to the Health Insurance Portability and Accountability Act (HIPAA) security rule. The HIPAA Security Rule requires covered entities to maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting Electronic Protected Health Information (e-PHI). Key topics include, HIPAA Compliance, Information Security Basics, Online Security Threats and How to Counter Them, Password Management, Malware, Insider Threats, Information Classifications, Proper Information Disposal, Clear Desk Policy, Social Engineering, Phishing, Online Scams, Acceptable Use Policies and Ethics, and Incident Response.

The final Omnibus rules for the Health Insurance Portability and Accountability Act (HIPAA), as amended by the HITECH Act places greater responsibility on all Business Associates to safeguard Protected Health Information. Business Associates and their subcontractors will, for the first time, have some absolute obligations for how they can use and disclose protected health information that they handle on behalf of the covered entity. This privacy course is specifically tailored to help employees of business associates understand what information is private, why it is private and what they can do to protect it.

The final Omnibus rule greatly enhances a patient's privacy protections, provides individuals new rights to their health information, and significantly strengthens the government's ability to enforce the law. Training employees to safeguard Protected Health Information (PHI) is a requirement of all "covered entities" based on the Health Insurance Portability and Accountability Act of 1996, as amended by the HITECH Act. This privacy course is specifically tailored to help healthcare employees understand what information is private, why it is private and what they can do to protect it.