Certified HIPAA Security Specialist (CHSS) 

  



Overview

In this HIPAA Security boot camp, all defined HIPAA security requirements are examined and solution options are identified for securing health care entities.

The HIPAA security provision brings e-commerce to the healthcare industry, resulting in the deployment of security technologies.  This course addresses the core elements of the five security domains defined by the HIPAA Security Rule.

Topics are addressed in the context of required implementation features, associated security technologies, and security policies.  Each security domain is covered via healthcare examples, templates, and solutions relevant to healthcare organizations considering their security options.


Objectives

  • Understanding of all mandatory and optional HIPAA security compliance requirements

  • Developing the core elements of a health care entity security policy document 

  • Examination of the security technologies enabling support of the HIPAA security requirements

  • Identifying core elements of the Compliance Plan all health care entities are required to develop for business continuity and disaster recovery

  • Validation of HIPAA security skills and knowledge

  • Preparation for the HIPAA Security Specialist (CHSS) exam. 


Prerequisites

  • A passing score on the Certified HIPAA Professional (CHP) exam or equivalent knowledge

  • Recommended that the candidate attend the 3-day Certified HIPAA Professional course


Course Outline

Security and Electronic Signature Standards

  • Approach and Philosophy

  • Security Principals

  • Security Domains

  • Privacy Rule Requirements

  • Threats and Attacks

  • Securing a Physician's Practice
     

Administrative Procedures

  • Certification

  • Chain of Trust Partnership

  • Contingency Planning

  • Formal Record Processing

  • Information Access Control

  • Internal Audit

  • Personnel Security

  • Security Configuration Management

  • Security Incident Procedures

  • Security Management

  • Termination Procedures

  • Training

  • Developing a Contingency Plan
     

Physical Safeguards

  • Assigning Security Responsibility

  • Media Controls

  • Physical Access Controls

  • Policy/Guideline on Workstation Use

  • Security Awareness Training

Technical Security Services

  • Access Control

  • Audit Control

  • Authorization Control

  • Data Authentication

  • Entity Authentication

  • Strong Authentication Solutions
     

Technical Security Mechanisms

  • Telecommunications and Networking Security

  • Access Controls

  • Alarm

  • Audit Trail

  • Integrity Controls

  • Message Authentication

  • Entity Authentication

  • Event Reporting

  • IPSec VPN

  • Wireless Security

  • Cryptography

  • Public Key Infrastructure (PKI)

  • Firewall Systems

  • Intrusion Detection Systems


Electronic Signatures

  • Message Integrity

  • Non-repudiation

  • User Authentication

  • Optional Requirements

  • Digital Signatures

  • PGP

  • S/MIME

  • Digital Certificates
     

Security Policy

  • ISO 17799 and BS 7799 Security Standards

  • Security Management

  • Policy and Procedures

  • Types of Policies

  • Reviewing a Security Policy Template
     

Getting Started, Security Initiatives

  • Security Assessment and Gap Analysis

  • Healthcare Network and System Integration

  • Hardening the Operating System

 
