Ensuring the privacy, security, and confidentiality of personal health information has been a fundamental principle for the health information management (HIM) profession throughout its 80-year history. Today, HIM professionals continue to face the challenge of maintaining the privacy and security of patient information, an effort that grows in complexity as information becomes more and more distributed in electronic systems. The challenge of this responsibility has also increased due to the constantly changing legislative and regulatory environment.
Regulations have impacted privacy and security:
Click here to watch video
The Privacy Rule sets the floor providing baseline requirements to preserve the overall confidentiality of protected health information (PHI) regardless of type (e.g. verbal, paper, electronic).
The Security Rule applies only to protected health information in electronic form
The Final HITECH Omnibus Rule strengthens privacy and security protections through
If you have question or would like to learn more about the HITECH Rule, please read our HITECH FAQs.
As the demands for health information become more diverse, health information management (HIM) professionals use their expertise to protect health information and sure the right information is available to the right people at the right time. Successful privacy, security, and confidentiality programs depend on HIM professionals for their expertise on the applicable laws and regulations impacting the appropriate management of healthcare data. HIM professionals ensure privacy and security programs meet compliance and regulatory requirements from the point of creation and implementation and continuously maintained thereafter.
In a time of changing regulations and continuous technology advancement, holding a privacy and security credential has become paramount. AHIMA’s Certified in Healthcare Privacy and Security (CHPS) credential is the only combined privacy and security credential in the industry and is one that is held by many HIM professionals. It is a true attestation to the qualifications and skills set of an HIM professional working in the privacy and security arena. Individuals who achieve the CHPS designation validate their commitment to advancing the management of privacy, security, and confidentiality practices.
HIM professionals hold diverse roles such as organizational and corporate privacy officers, compliance officers, and risk managers, to name a few, and are change agents in policy development and maintenance.
Sample job descriptions include:
HIM professionals advocate for strong privacy and security programs as electronic health record (EHR) systems are implemented and upgraded. HIM professionals provide the functional requirements for electronic health information, taking into account federal and state laws, including e-discovery, to ensure appropriate access, use, and disclosure of health information.
HIM professionals can also impact privacy, security, and confidentiality standards, laws, and regulations outside of their organization in multiple ways.
Ensuring the privacy, security, and confidentiality of personal health information is no easy feat. As the complexity of information grows and becomes more widely distributed across all media, so must the skills and responsibilities of healthcare professionals. If you are committed to ensuring privacy and security programs adhere to compliance and regulatory requirements from creation to implementation, review AHIMA’s privacy and security product offerings.
Privacy, Cybersecurity, and Information Governance Institute
September 22–23 | Miami, FL
AHIMA’s annual Privacy and Security Institute has evolved! Join us in Miami, FL and choose from new focus areas and tracks, gain new insights, and learn about the hottest topics and trends in the industry—all while hearing from the world-class speakers you’ve come to expect from a premier institute like this! Take advantage of early bird registration and save $100 when you register by July 23!
Privacy and Security Training with CHPS Exam Prep Workshop
December 6–7 | Las Vegas, NV
This privacy and security training program consists of two days of face-to-face training, in addition to four pre-recorded webinars. You can also bundle and save! Purchase the exam prep workshop, exam, and CHPS Exam Prep book for one low cost!
The Pillars of a Privacy Program
Part of a three-course series on HIPAA privacy, Pillars of a Privacy Program begins with a bird’s eye overview of HIPAA, including its history and relationship to state health privacy law. It discusses the types of entities covered by HIPAA, the definition of protected health information (PHI), HIPAA enforcement, and the pillars of a compliant privacy program. Our training makes HIPAA easy to comprehend—and stimulating to learn.
HIPPA Privacy: Rights and Responsibilities
Part of a three-course series on HIPAA privacy, Rights and Responsibilities begins with the general requirement that PHI be kept confidential. It then covers the minimum necessary rule, HIPAA’s rules regarding disclosure of PHI, accounting for disclosures, authorization, patient rights, notice of privacy practices, access to records under HIPAA and state law, marketing and sale of PHI, fundraising, and psychotherapy notes.
HIPPA Security: Safeguarding PHI
Part of a three-course series on HIPAA privacy, Safeguarding PHI begins with a discussion of the scope of the Security Rule’s coverage and its basic structure in terms of safeguards, standards, and implementation specifications. The course also discusses the HIPAA Privacy Rule’s general safeguards of all PHI, then focuses on the HIPAA Security Rule’s administrative, physical, and technical safeguards.
HIPAA Privacy for Covered Entities
This course provides essential training about the HIPAA privacy requirements for the entire workforce of Covered Entities (CEs).
HIPAA Privacy for Business Associates
This course provides essential training about the HIPAA privacy requirements for the entire workforce of Business Associates (BAs).
HIPAA Security for Covered Entities and Business Associates
This course provides essential training about the HIPAA security requirements for the entire workforce of Covered Entities (CEs) and Business Associates (BAs).
HIPAA Privacy and Security for Covered Entities
These two sets of courses (also available individually as shown above) provide essential training about the HIPAA privacy and security requirements for the entire workforce.
HIPAA Privacy and Security for Business Associates
Certified in Healthcare Privacy and Security (CHPS) Exam Preparation
Danika E. Brinda, PhD, RHIA, CHPS, HCISPP
Prepare to sit for the CHPS examination with Certified in Healthcare Privacy and Security (CHPS) Exam Preparation. The text includes two 150-question practice exams and covers all four domains on the test to prepare you for the exam. This text will help guide you toward success in attaining this career-enriching credential.
HIPAA by Example, Second Edition
Mary C. Thomason, MSA, RHIA, CHPS, CISSP
e-book also available!
HIPAA by Example provides examples of expert reasoning on how the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules can be applied correctly under various real-life scenarios. Not merely a restatement of the rules, HIPAA by Example provides clarity on questions outside of those addressed in the Rules. Scenarios described in the book are based on actual situations, and answers include best practices and reference current state, federal, and international laws.
Introduction to Health Information Privacy and Security
Laurie Rinehart-Thompson, JD, RHIA, CHP, FAHIMA
e-book also available!
Introduction to Health Information Privacy and Security provides an overview of health information privacy and security, outlining the requirements of the HIPAA Privacy and Security Rules, as well as other laws and organizations that regulate health information. It outlines the basic terms and concepts related to HIPAA privacy and security, and it introduces the reader to practical themes such as threat identification, data security mechanisms, and business continuity that are critical to the management of health information.
All webinars last 60 minutes and begin at 12 noon CT. Registration for live webinars closes 24 hours before the event. After that time you can purchase a recorded version of the webinar.
Don’t worry if you’ve missed a webinar! AHIMA has a number of webinar replays pre-recorded for you to view anytime, anywhere. You will also receive 2 CEUs per webinar replay.
To view all on-demand webinars, click here.
Privacy and Security Toolkits are free to members ($99.95 for nonmembers)! Toolkits can also be found in AHIMA’s Body of Knowledge (BoK)™.
AHIMA’s Body of Knowledge (BoK)™ contains many Privacy and Security articles. Here’s just a sample.
AHIMA’s highly respected Certified Healthcare Privacy and Security (CHPS) credential demonstrates competence in designing, implementing, and administering comprehensive privacy and security protection programs.
The CHPS credential:
Click here to learn more about eligibility requirements and how to apply.