HIPAA is not just a legal obligation for clinicians. Everyone who touches systems that store or transmit patient data is accountable. This course explains the HIPAA Security Rule from a technical perspective: what the safeguards require, how to implement them, and how to build a program that holds up when regulators ask questions.
Healthcare data is among the most sensitive information an organization can hold. The HIPAA Security Rule exists to ensure that the systems, people, and processes that handle electronic protected health information (ePHI) are designed to protect it from unauthorized access, disclosure, and loss. For the technologists who build, administer, and support those systems, understanding what the Security Rule actually requires is not optional.
This course covers the HIPAA Security Rule from the ground up: what ePHI is and why the definition matters for technical decisions, how to conduct a risk analysis that satisfies regulators, and what the administrative, physical, and technical safeguards require in practice. It also covers the Breach Notification Rule, which determines when a security incident becomes a reportable event and what the organization must do within specific timeframes.
The course is designed for IT professionals, system administrators, security practitioners, and anyone in a healthcare or healthcare-adjacent organization who is responsible for systems that touch patient data. No prior HIPAA training is assumed, but a basic technical background is expected.
By the end of this course, you will be able to explain the Security Rule safeguard categories, identify what controls are required versus addressable, conduct or support a formal risk analysis, recognize a breach under the HIPAA definition, and understand what an audit-ready HIPAA security program looks like.
One-time payment. Lifetime access. Access link delivered by email.
Already purchased? Resend access link