This content is part of the Essential Guide: HIPAA compliance, patient data security top provider concerns
News Stay informed about the latest enterprise technology news and product updates.

ONC takes stab at HIPAA training and compliance with gaming format

The ONC's chief privacy officer uploaded two game-based HIPAA training modules to prepare players for compliance. Can you get a high score?

Implementing the appropriate safeguards to protect patient's health records can be complex for health organizations. In large healthcare facilities the availability of a compliance officer ensures the presence of professionally trained individuals who install and monitor the necessary safeguards to ensure compliance.

For smaller medical practices it can be challenging to navigate through the technical and administrative compliance requirements of HIPAA. For that reason, the Office of the National Coordinator for Health IT (ONC) developed two Web-based HIPAA training modules. Now live, ONC designed these exercises to assist small medical practices with the challenges that are often faced when responding to privacy and security concerns.

Many of the game scenarios ring realistic. They provide insights into common issues small healthcare provider offices face.

The training modules are set up in a game format that requires users to choose a response to several scenarios, with correct answers scored 10 points each. Questions vary from the technical side of HIPAA to the administrative. It's more than a tabletop brainstorm: Many of the game scenarios ring realistic. They provide insights into common issues small healthcare provider offices face.

The National Institute of Standards and Technology (NIST) also offers online resources and tools that can be downloaded and used to assist in reviewing HIPAA's many and varied requirements. The NIST tools come in the format of questions both on technical and administrative topics; each focuses on a different requirement.

While the site ONC offers provides some insights on how to handle some security challenges, it is imperative to remember that all organizations small or large must ensure that they comply with all of HIPAA's privacy and security rules. Failure to do so could put a practice at risk for financial penalties as well as legal turmoil and negative publicity arising from any breaches.

Reda Chouffani is vice president of development with Biz Technology Solutions Inc., which provides software design, development and deployment services for the healthcare industry. Let us know what you think about the story; email or contact @SearchHealthIT on Twitter.

Next Steps

OCR issues HIPAA audit protocol, signals imminent audit process

Dig Deeper on Electronic health records privacy compliance

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.