The eLearning Center for Gatlin Education Services

This course will help you:

Understand HIPAA''s basic facts and requirements;
Comply with the Privacy Rule, the Transaction Rule, and the Security Rule;
Acquire checklists and forms;
Avoid penalties and other risks associated with non-compliance;
Understand the relationships between HIPAA and the Codes of Ethics;
Learn general principles of state/federal preemption statutes with an emphasis on California law.

This course is intended to help psychologists, counselors, MFTs, social workers, psychiatrists, psychotherapists, and other mental health professionals with small private practices become compliant with the HIPAA regulations. The course provides basic knowledge and fundamental tools and is written in simple, understandable language.

Introduction
  Introduction to the Kit
  Disclaimer, Copyrights, and Liability Statements
  Introduction to Third Edition
  List of Abbreviations
Section I: How to Use This Kit
  1. What is the goal of the Kit?
  2. How is the Kit organized & what terminology does it use?
  3. How can I best use this Kit?
  4. What is this Kit not?
Section II: HIPAA – The Basics
  5. Generally, what is HIPAA?
  6. What is a Covered Entity (CE) and am I one?
  7. Do I need to comply even if I do not own a computer?
  8. What does “scalable compliance” mean for me?
  9. What/who is the Privacy Officer in a solo, private practice?
  10. How easy is it to become compliant?
  11. What are the basic requirements for compliance?
  12. What happens if I did not get compliant by the deadlines?
  13. What are the Privacy, Security, and Transaction Rules?
  14. What are the HIPAA general deadlines?
  15. What can trigger the Privacy Rule or HIPAA audit?
  16. What will happen if I do not comply with HIPAA?
  17. What does HIPAA not do?
  18. What do we not yet know about HIPAA?
Section III: The Privacy Rule: Records & Access
  19. What is the HIPAA Privacy Rule?
  20. How is therapist-patient privacy protected?
  21. What is PHI?
  22. What about keeping two sets of records?
  23. What are Psychotherapy Notes?
  24. What do the Psychotherapy Notes include?
  25. What is excluded from the Psychotherapy Notes?
  26. Can I see an example of the two types of notations?
  27. Do individuals have a right to review Psychotherapy Notes?
  28. Do MC Co’s have the right to review Psychotherapy Notes?
  29. Does Medicare have the right to review Psychotherapy Notes?
  30. What about sharing Psychotherapy Notes w/ other clinicians?
  31. Can a client authorize disclosure of the Psychotherapy Notes?
  32. Can Psychotherapy Notes be disclosed w/o authorization?
  33. What is the Supreme Court 1996 Jaffee v. Redmond decision?
  34. What about re-disclosure of Psychotherapy Notes?
Section IV: The Privacy Rule: Consents, Notice, & Releases
  35. What do I need to know about consents and authorizations?
  36. What is TPO?
  37. What about the consent for TPO?
  38. Can a patient revoke his/her consent for TPO?
  39. If patient revokes consent for TPO, can therapist be paid?
  40. What about August/02 fed amendment to consent for TPO?
  41. What are the issues around authorizations?
  42. Which basic forms must I have?
  43. What is compound authorization?
  44. When is neither consent nor authorization required?
  45. What about HIPAA’s Notice of Privacy Practices?
  46. Should I post Notice on my website or send electronically?
  47. What about patients’ rights to request privacy?
  48. If I have Informed Consent, do I also need a HIPAA consent?
  49. What is the difference between “use” and “disclosure”?
  50. How do I deal w/ judicial system and admin proceedings?
  51. How do I deal with law enforcement agencies?
  52. What about disclosure where there is a threat or danger?
  53. What rights do patients have to access their records?
  54. When do patients NOT have the right to access?
  55. What is time frame for patient’s request to review records?
  56. Must patients pay for copies they request?
  57. What rights do patients have to amend their records?
  58. What about minors’ records?
  59. What about business associates?
  60. What about consultation?
  61. Can therapist disclose records created by other providers?
  62. What about disclosures for research purposes?
  63. What are substance abuse disclosure considerations?
  64. What are the considerations for an account of disclosures?
  65. What is the “need to know” requirement?
  66. What is the “minimum necessary” requirement?
  67. Can therapists disclose to professional liability insurance?
  68. Does Privacy Rule create government database?
  69. Can therapists call out names of patients in waiting rooms?
  70. What about disclosure to collection agencies?
  71. Can clearinghouses and health plans use PHI?
  72. Can one have joint consents?
  73. Can one have combined consents?
  74. What are re-disclosures?
  75. What is a Disclosure Record?
  76. What does de-identifying mean?
  77. What are limited data sets?
  78. What does HIPAA say about marketing?
Section V: The Security Rule:
  79. What is HIPAA’s Security Rule?
  80. What are differences between the Privacy and Security Rules?
  81. What is the good news about the Security Rule?
  82. What are the four elements of the Security Rule?
  83. What are the Administrative Procedures of the Security Rule?
  84. How shall I physically arrange my?
  85. How about protection from disasters?
  86. What do I need to consider regarding phones?
  87. What do I need to consider regarding fax machines?
  88. What about general computer security and protection?
  89. What about e-mail security?
Section VI: The Transaction Rule
  90. What is the Transaction Rule?
  91. What about uniformity of electronic claims?
  92. Which ICD, DSM, or CPT codes are required under HIPAA?
  93. Does HIPAA mandate therapists to use electronic claims?
  94. What are my choices in regard to billing?
  95. What are my options in regard to electronic insurance claims?
  96. What is the role of a clearinghouse?
  97. What are the identification standards?
  98. What about Code Sets?
  99. Does Medicare mandate electronic billing?
  100. What are some basic terms and acronyms?
Section VII: Additional Requirements
  101. What are the general administrative requirements?
  102. How can I assess my vulnerability?
  103. What about staff training?
  104. What about procedures in my office?
  105. What are some of the steps towards HIPAA compliance?
Section VIII: HIPAA and State Law
  106. What is the preemption analysis?
  107. Under what conditions does HIPAA preempt state laws?
  108. What happens when state law conflicts with HIPAA?
  109. What happens when state law/HIPAA are not comparable?
  110. What are relationships between HIPAA/The Codes of Ethics?
Section IX: HIPAA and California Law
  111. What are the relationships between HIPAA and California law?
  112. When do HIPAA regulations preempt California laws?
  113. What are the instances where California laws preempt HIPAA?
  114. Where can I find online resources for HIPAA in CA?
Section X: Ready-to-Adapt Forms
  Form I: HIPAA Compliance Checklist
  Form II: HIPAA Notice of Privacy Practices
  Form III: Authorization to Release Information
  Form IV: Request for Amendment of Health Information
  Form V: Standard Office Policies (Pre-HIPAA)
  Form VI: Consent to Use and Disclose TPO
  Form VII: Tracking of Releases
  Form VIII: Account of Disclosures
  Form IX: Denial of Access to PHI
  Form X: Denial of Request for Amendment
  Form XI: Business Associate Contract
  Form XII: Complaint Form
  Form XIII: Acknowledgment of Receipt of Notice
Section XI: Bibliography, Resources and Subject Index
  References
  Additional Online Resources
  Subject Index
Section XII: Ethics Codes
  Ethics Codes
CE Test
Course Evaluation