Blog Archives

CIOs and HIPAA Security

CIOs of large healthcare providers are challenged by putting together those pieces of the IT puzzle to move technology in a direction consistent with the organization’s mission.  In addition to multiple vendors, systems integration, budgets, staffing, and preventing downtime, CIOs must keep abreast the ever-changing regulation landscape surrounding electronic protected health information (ePHI).  Knowledge of the HIPAA Security Rule at the expert level is essential now that CMS (Centers for Medicare and Medicaid Services), OCR (Office of Civil Rights) and state attorneys general are responsible for enforcing HIPAA rules.

The HIPAA Security Rule requires more than just data encryption of ePHI.  Security risk assessments, gap analyses and remediation are examples of measures required by HIPAA that also tie into requirements for MU (meaningful use) EHR (electronic health record) incentive.  Subsequently, HIPAA Security Rule training for IT staff takes the compliance burden off of the CIO.  HIPAA Security training is also appropriate for the following job roles (this list is not exclusive):


·         HIPAA Security Compliance Officer of covered entities & business associates

·         IT Managers

·         HIPAA Security Compliance Team members of covered entities & business associates

·         IT Consultants involved in the healthcare industry.

·         Software developers in the healthcare industry

HIPAA Security training also includes ARRA (American Recovery and Reinvestment Act) HITECH (Health Information Technology for Economic and Clinical Health), which states BAs (business associates), previously considered a mere adjunct of the CE (covered entity), are now statutorily obligated to meet HIPAA Security requirements.  Even compliance professionals offer dissenting interpretations of HIPAA legislation’s finer points.  However, HIPAA Security training is your best source to wrap your arms around the Security Rule through a comprehensive course that offers an exam upon completion.  Passing the exam validates your knowledge of the HIPAA Security Rule and results in a certification: CHSE (Certified HIPAA Security Expert). 

 Healthcare entities seek individuals with HIPAA and HITECH knowledge.  If you are seeking employment in the healthcare IT field, the CHSE alone will not secure a job, but it is an invaluable marketing tool that will capture a prospective employer’s attention and may open an otherwise closed door. 

HIPAA Security training enables you to implement appropriate policies and procedures that comply with the HIPAA Security Rule and provides necessary tools to educate all staff handling ePHI.  In addition, the course provides an overview of the HIPAA Privacy Rule, including steps for HIPAA Privacy compliance. 

If you are a business associate, provide training to your staff to become Certified HIPAA Security Experts to prove to a covered entity that HIPAA compliance is a priority for you.

          HIPAA Security training puts you in the driver’s seat on the road to healthcare compliance and provides valuable resources for use well after course completion. 

          Click here to become a Certified HIPAA Security Expert.