Intern

0 XP

Healthcare

Master HIPAA compliance from the ground up. This track covers the Privacy Rule, Security Rule, Breach Notification Rule, and Enforcement Rule with real regulatory text, OCR enforcement examples, and hands-on assessment tools. Built for compliance officers, security analysts, and anyone handling PHI.

WORKSPACE SNAPSHOT

FRAMEWORKS

MODULES

CERTIFICATES

SCENARIOS

Module 1 of 7 · HIPAA Overview

HIPAA — The Complete Picture

HIPAA is not one law — it's five rules working together. The Privacy Rule (45 CFR Part 160 and Subparts A and E of Part 164) governs who can access PHI and under what circumstances. The Security Rule (45 CFR Part 164 Subparts A and C) specifically addresses electronic PHI (ePHI) with administrative, physical, and technical safeguard requirements. The Breach Notification Rule (45 CFR §§164.400-414) defines what constitutes a breach and mandates notification timelines. The Enforcement Rule (45 CFR Part 160 Subparts C, D, and E) establishes investigation procedures and penalty structures. The Omnibus Rule (2013) extended HIPAA obligations to business associates and strengthened enforcement.

TRACK NAVIGATOR

LEARNING FLOW

FRAMEWORK FOCUS

CORE FRAMEWORKS

hipaanist-800-53nist-csfiso-27001

TARGET CERTIFICATIONS

HCISPPHITRUST CSFCHPS

PRACTITIONER OUTCOME

Build industry fluency, not generic GRC knowledge

Understand how healthcare regulations shape the control environment.

Move from framework names into operating decisions, evidence, and enforcement pressure.

Use the modules in sequence, then apply the same reasoning in scenarios and projects.