« Back to All Apprenticeships
Health Information Management Privacy and Security Officer
Maintains current knowledge of applicable federal and state privacy laws and accreditation standards.
Demonstrates understanding of HIPAA laws, standards and state privacy laws.
Provides guidance and assistance in the identification, development, implementation, and maintenance of organization information privacy policies and procedures in coordination with organization management.
Coordinates the development of privacy risk assessment policies and procedures
Performs initial and periodic information privacy risk assessments and conducts related ongoing compliance monitoring activities.
Conducts audits of internal and external privacy functions
Participates in the development, implementation, and ongoing compliance monitoring of all trading partner and business associate agreements.
Develops performance measures and reports to monitor and improve organizational performance and report to appropriate organizational body.
Establishes a preventative program to detect, prevent and mitigates privacy/security breaches.
Coordinates with the Corporate Compliance Officer or legal re: procedures for documenting and reporting any evidence of privacy violation
Establishes an incident/complaint/breach investigation response, develops response plan and oversees investigations of incidents/complaints/ breaches. Determines corrective action/remediation, sanctions and disciplinary actions.
Develop and implement a corporate- wide Privacy Training Program --
Oversees, directs, delivers, or ensures delivery of initial and privacy training and orientation to all employees, volunteers, medical and professional staff, contractors, alliances, business associates, and other appropriate third parties.
in conjunction with the Security Officer Oversight, Cyber Security Awareness & Training Program
Establishes a mechanism to track access to Protected Health Information (PHI), within the purview of the organization and as required by law.
Monitors Access and Disclosure Verification Procedures
Oversees processes to inspect, amend, and restrict access to protected health information when appropriate.
Provides support for organizational processes for use and disclosure of PHI including
Ensures compliance with privacy practices and consistent application of sanctions for failure to comply with privacy policies for all individuals in the organization's workforce, extended workforce, and for all business associates.
amendments, corrections, and accounting for disclosures
Reviews security plans throughout the organization's network to ensure alignment between security and privacy practices, and acts as a liaison to the information systems department.
Establishes and/or monitors an internal privacy audit program
Works with all organization personnel involved with any aspect of release of protected health information, to ensure full coordination and cooperation under the organization's minimum necessary protocols, policies and procedures and legal requirements.
Establish and monitor internal privacy and security audit programs
Participates in the development and maintenance of the inventory of software, hardware and all information assets to protect information assets and to facilitate risk analysis.
Periodically revise the privacy program in light of changes in laws, regulatory or company policy
Monitors advancements in information privacy technologies to ensure organizational adaptation.
Provides input to mitigate information security risk
Introduction to Health Information Privacy and Security: Parts 1 and 2 - 18 req. hrs
How health information is regulated, review of federal laws, state laws and accrediting and certifying bodies. Professional ethical standards and codes of conduct. HIPAA basics for privacy and security.
CHPS Domains 1 & 4: Ethics Regulation, Investigation and Compliance - 12 req. hrs
This course reviews the competencies of ethical, legal, and regulatory issues/external environment including investigation, compliance, and enforcement principles and strategies.
Introduction to Health Information Privacy and Security: Parts 3 and 6 - 18 req. hrs
HIPAA privacy rule concepts to include use and disclosure, marketing and fundraising, and administrative requirements. Key changes under HITECH for privacy provisions.
CHPS Domain 2: Program Management and Administration - 12 req. hrs
This course reviews privacy and security program planning, including areas such as policy and procedure development, access authorization, and de-identification methods.
Introduction to Health Information Privacy and Security: Parts 4 and 5 - 18 req. hrs
HIPAA security rule concepts to include physical safeguards, technical safeguards, organizational requirements and policies, procedures and documentation. Threat identification, risk analysis and disaster recovery/business continuity.
CHPS Domain 3: Information Technology/Physical and Technology Safeguards - 12 req. hrs
Learn best practices to develop and manage a strategic information security plan and implementing optimal technical safeguards including assessing security risks, identifying threats and vulnerabilities. Identify security requirements and appropriate measurements to protect the confidentiality and integrity of ePHI.
AHIMA Breach Management Toolkit - 12 req. hrs
A comprehensive guide for compliance which addresses planning, implementing, and maintaining a breach management process.
AHIMA External HIPAA Audit Readiness Toolkit - 12 req. hrs
Understand the requirements for HIPAA Phase 2 audits and guidance regarding audit preparation and practices.
Common employability modules - 18 req. hrs
Common employability skills to include: Communicating Effectively / Telephone Etiquette / The Mindful Leader / Leveraging Diversity and Strengths in the Workplace / Inspirational Leadership / Social Media Awareness / Excellence in Customer Service
Post-immersion assessment - 4 req. hrs
Retired CHPS exam questions