We have
trainers for:
 
 
 

Certified HIPAA Security Specialist (CHSS)

Overview

In this HIPAA Security boot camp all defined HIPAA security requirements are examined and solution options identified to achieve the security of health care entities.

The HIPAA security provision brings e-commerce to the healthcare industry, resulting in the deployment of security technologies. This course addresses the core elements of the five security domains defined by the HIPAA Security Rule.

Topics are addressed in the context of required implementation features, associated security technologies, and security policies. Each security domain is covered via healthcare examples, templates, and solutions relevant to healthcare organizations considering their security options.

Objectives

  • Understanding of all mandatory and optional HIPAA security compliance requirements
  • Developing the core elements of a health care entity security policy document
  • Examination of the security technologies enabling support of the HIPAA security requirements
  • Identifying core elements of the Compliance Plan all health care entities are required to develop for business continuity and disaster recovery
  • Validation of HIPAA security skills and knowledge
  • Preparation for the HIPAA Security Specialist (CHSS) exam.

Prerequisites

  • A passing score on the Certified HIPAA Professional (CHP) exam or equivalent knowledge
  • Recommended that the candidate attend the 3-day Certified HIPAA Professional course

Course Outline:

Security and Electronic Signature Standards

  • Approach and Philosophy
  • Security Principals
  • Security Domains
  • Privacy Rule Requirements
  • Threats and Attacks
  • Securing a Physician's Practice

Administrative Procedures

  • Certification
  • Chain of Trust Partnership
  • Contingency Planning
  • Formal Record Processing
  • Information Access Control
  • Internal Audit
  • Personnel Security
  • Security Configuration Management
  • Security Incident Procedures
  • Security Management
  • Termination Procedures
  • Training
  • Developing a Contingency Plan

Physical Safeguards

  • Assigning Security Responsibility
  • Media Controls
  • Physical Access Controls
  • Policy/Guideline on Workstation Use
  • Security Awareness Training


Technical Security Services

  • Access Control
  • Audit Control
  • Authorization Control
  • Data Authentication
  • Entity Authentication
  • Strong Authentication Solutions

Technical Security Mechanisms

  • Telecommunications and Networking Security
  • Access Controls
  • Alarm
  • Audit Trail
  • Integrity Controls
  • Message Authentication
  • Entity Authentication
  • Event Reporting
  • IPSec VPN
  • Wireless Security
  • Cryptography
  • Public Key Infrastructure (PKI)
  • Firewall Systems
  • Intrusion Detection Systems


Electronic Signatures

  • Message Integrity
  • Non-repudiation
  • User Authentication
  • Optional Requirements
  • Digital Signatures
  • PGP
  • S/MIME
  • Digital Certificates

Security Policy

  • ISO 17799 and BS 7799 Security Standards
  • Security Management
  • Policy and Procedures
  • Types of Policies
  • Reviewing a Security Policy Template

Getting Started, Security Initiatives

  • Security Assessment and Gap Analysis
  • Healthcare Network and System Integration
  • Hardening the Operating System

 

.
    
back to top

UnixTrainer, Inc.
760-471-7070
Trainers@UnixTrainer.com