Under HIPAA, covered entities, including health plans, health care clearinghouses and covered health care providers, must comply with the HIPAA Security Rule. Because of the Health Information Technology for Economic and Clinical Health (HITECH) Act enacted in 2009, business associates must also comply fully with the HIPAA Security Rule even though they only need to follow some of the HIPAA Privacy Rule requirements. Covered entities and their business associates must create policies and procedures and document their compliance with these rules.
- Lesson 1: Introduction to the HIPAA Security Rule
- Lesson 2: Administrative Safeguards
- Lesson 3: Physical Safeguards
- Lesson 4: Technical Safeguards
- Lesson 5: Organizational Requirements
View full course outline [PDF].