Skip to main content

Course Benefits

Since 2019, 81% of course participants passed the CHPS® Exam on their first try compared to only 48% who did not take this course.

guidance counselor advising how to transfer credits

Access to Expert Instructors

Experienced educators guide you through CHPS® exam content with direct access to one-on-one online coaching check-ins.


colleagues taking online course during lunch break

Flexible Education on Your Schedule

Our flexible format includes live sessions and on-demand learning content and offers you two cohort options:

female student studying on tablet

Live Cohort Interaction

Learn from cohort peers using the discussion board and group video calls. This approach empowers you to gain clarity about CHPS® exam topics.


Hear from CHPS Professionals and Educators

"It was worth it. There is a dollar value in the market for having this credential." - Joanne Curran, RHIT, CHPS

Meet the Instructors

Prepare for the exam with a cohort led by our expert educators.

Danika Brinda,  PhD, RHIA, CHPS, HCISPP, Information Security Officer

Danika Brinda, PhD, RHIA, CHPS, HCISPP, Information Security Officer, Healthcare Privacy & Security Consultant, and author of the course book, “Certified in Healthcare Privacy and Security (CHPS®) Exam Preparation”

Robyn Stambaugh, MS, RHIA, CHPS

Robyn Stambaugh, MS, RHIA, CHPS, Practice Director - Professional Development & Education, AHIMA

Course Content Aligned with CHPS® Exam Domains

Take advantage of a comprehensive learning experience addressing each of the CHPS® Exam domains.


  1. Serve as a resource (provide guidance) to your organization regarding privacy and security laws, regulations, and standards of accreditation agencies to help interpret and apply the standards
  2. Demonstrate privacy and security compliance with documentation, production and retention as required by State and Federal law as well as accrediting agencies.
  3. Identify responsibilities as a privacy officer and/or security officer


  1. Create, document, and communicate information including, but not limited to, minimum necessary protocols
  2. Manage contracts and business associate relationships and secure appropriate agreements related to privacy and security (e.g., BAA, SLA, etc.)
  3. Evaluate and monitor facility security plan to safeguard unauthorized physical access to information and prevent theft or tampering
  4. Develop, deliver, evaluate,and document training and awareness on information privacy and security to provide an informed workforce
  5. Work with appropriate organization officials to verify that information used or disclosed for research complies with organizational policies and procedures and applicable privacy regulations
  6. Assess, recommend, revise, and communicate changes to organizational policies, procedures, and practices related to privacy and security
  7. Assess and communicate risks and ramifications of privacy and security incidents, including those by business associates 
  8. Establish a preventative program to detect, prevent,and mitigate privacy/security breaches
  9. Recommend appropriate de-identification methodologies
  10. Verify that requesters of protected information are authorized and permitted to receive the protected information (subpoena, court orders, search warrants)
  11. Define HIPAA-designated record sets for the organization in order to appropriately respond to a request for release of information
  12. Identify information and record sets requiring special privacy protections
  13. Recommend, review,and approve protocols to verify identity and access rights of recipients/users of health information
  14. Establish, maintain, and ensure the distribution process of the organization’s Notice of Privacy Practices
  15. Establish and maintain operational systems to receive, process, and document requests for patients’ rights as outlined in the Notice of Privacy Practices 


  1. Participate in the development and verify maintenance of the inventory of software, hardware, and all information assets to protect information assets and to facilitate risk analysis
  2. Participate in business continuity planning for planned downtime and contingency planning for emergencies and disaster recovery
  3. Participate in evaluation, selection, and implementation of information privacy and security solutions
  4. Implement a systematic process to evaluate risk to and criticalities of information systems which contain protected Health Information(PHI) 
  5. Participate in media control practices that govern the receipt, removal, re-use, or disposal (internal and external destruction) of any media or devices containing sensitive data
  6. Assess and monitor physical security mechanisms to limit the access of unauthorized personnel to facilities, equipment, and information
  7. Establish reasonable safeguards to reduce incidental disclosures and prevent privacy breaches
  8. Participate in the development and management of the organization’s information security plan
  9. Participate in the organizational risk analysis plan to identify threats and vulnerabilities
  10. Monitor compliance with the security policies and ensure compliance with technical, physical, and administrative safeguards
  11. Establish internal policies, procedures, and rules to protect information and participate in the development of guidelines, procedures, and controls to ensure the integrity, availability, and confidentiality of communication across networks 
  12. Ensure appropriate technologies are used to protect information received from or transmitted to external users
  13. Advocate the use of event triggering to identify abnormal conditions within a system (e.g. intrusion detection, denial of service, and invalid log-on attempts).
  14. Establish and manage facilitate process for verifying and controlling access authorizations, authentication mechanisms, and privileges including emergency access
  15. Evaluate the use of encryption for protected health information and other sensitive data


  1. Monitor and assess compliance with state and federal laws and regulations related to privacy and security to update organizational practices, policies, procedures,and training of workforce
  2. Coordinate the organization’s response to inquiries and investigations from external entities relating to privacy and security to provide response consistent with organizational policies and procedures
  3. Develop performance measures and reports to monitor and improve organizational performance and report to appropriate organizational body
  4. Enforce privacy and security policies, procedures, and guidelines to facilitate compliance with federal, state, and other regulatory or accrediting bodies
  5. Monitor access to protected health information
  6. Establish an incident/complaint investigation response, develop response plan, and identify team members to respond to a privacy or security incident
  7. Coordinate mitigation efforts
  8. Develop policy and procedure for breach notification (federal)
  9. Educate workforce on reporting requirements for breach notification (federal)
  10. Perform risk assessment for breach notification (federal)
  11. Notify appropriate individuals/agencies/media within time frame for breach notification (federal)
  12. Maintain the appropriate documentation for breach notification (federal)

Prepare to take the CHPS® exam.

Start your journey toward new career opportunities protecting patient data.

Download the course overview brochure

Back to top