CITI Program is looking forward to seeing everyone at HIMSS 2025!
Overview
Healthcare entities operate with regulations governing health information management (HIM), fraud, abuse, and ethical conduct. Healthcare entities need HIM systems that ensure compliance with HIPAA, fraud laws, and ethical standards, while vendors must design technology to support these requirements.
Vendors need an interdisciplinary approach, as computer coders, system designers, and engineers do not have a healthcare compliance background.
CITI Program offers online courses addressing key compliance areas, providing practical training and insights that can be used by both healthcare entities and vendors.
We highlight here the value of this interdisciplinary training, looking at six key content offerings: Information Security, HIPAA and HITECH for Business Associates, which is part of the Health Privacy (HIPAA) suite of courses, Federal Fraud and Abuse Laws, False Claims Act: A Primer and Guide for Research Organizations, and Conflicts of Interest (COI) in Healthcare.
Why Compliance Training Matters
Healthcare compliance requirements are a cornerstone for both healthcare entities and vendors. Entities must maintain accurate, secure HIM systems to meet HIPAA requirements, avoid fraud, and uphold ethical standards, while vendors need to create software that enables these goals without facilitating noncompliance. Noncompliance risks penalties, breaches, and reputational harm, which makes foundational training critical. CITI Program provides a suite of courses to address these needs, covering data security, privacy, fraud prevention, and conflicts of interest in a healthcare setting.
CITI Program training ensures HIM processes align with legal and ethical requirements for healthcare entities. For vendors, the courses can help identify and guide the development of compliant technology, from electronic health records to billing tools. Accessible online, CITI Program courses offer flexibility as they are self-paced. The courses also provide a certificate of completion.
HIPAA and Security Courses for HIM
Three CITI Program content areas strengthen HIM compliance: Information Security, HIPAA and HITECH for Business Associates, which is part of the HIPAA suite of courses. Information Security focuses on protecting data and devices, covering email encryption, mobile security, and access controls per HIPAA’s Security Rule. Vendors can use the course to understand healthcare entities’ requirements when building secure software; entities can apply the course when creating a compliance program to safeguard electronic records, a core HIM task.
HIPAA and HITECH for Business Associates targets vendors acting as Business Associates (BAs), detailing Privacy, Security, and Breach Notification Rules. The course teaches how software supports PHI security and disclosure tracking. Healthcare entities learn to assess BA compliance. The rest of the HIPAA suite provides a broad HIPAA overview, guiding vendors to design tools like audit logs and helping entities manage disclosures and patient rights.
Together, these options ensure a foundational understanding of the requirements for making HIM systems secure and compliant. Vendors can develop technology that identifies and meets entity needs based on a foundational understanding of the underlying requirements, while entities learn the requirements of maintaining accurate, protected records.
Fraud, Abuse, and FCA Courses for Integrity
Two courses address fraud, abuse, and False Claims Act (FCA) compliance: Federal Fraud and Abuse Laws and the False Claims Act: A Primer and Guide for Research Organizations. Federal Fraud and Abuse Laws cover Stark Law, Anti-Kickback Statute (AKS), Civil Monetary Penalties Law, and the FCA. Healthcare entities can utilize the course to ensure HIM prevents improper billing, while vendors can utilize the course to design tools that support record integrity and do not violate the requirements.
The False Claims Act: A Primer and Guide for Research Organizations course, while from a research organization perspective, provides a foundation for understanding FCA liability as related to healthcare entities and the penalties associated with false claims submitted to the federal government. This includes explanations as to what could be surprisingly considered false claims.
Entities performing research should have this knowledge to protect PHI and grants; vendors should have this knowledge to build software to prevent falsified incorrect coding, billing, and data entry, enhancing health information accuracy. The Federal Fraud and Abuse Laws series helps entities understand requirements so that they may design auditing and monitoring to detect wasteful billing, while vendors should avoid features that could circumvent, promote, or create system-wide violations of federal fraud and abuse laws.
These courses can help reduce FCA risks by ensuring that healthcare entity personnel understand the underlying requirements so that they can create compliance programs with the elements of an effective compliance program that ensures health information reflects true claims and services. This understanding is not only important for healthcare entity personnel, but also for vendors.
Conflict of Interest (COI) in Healthcare
The Conflict of Interest in Healthcare course focuses on managing ethical challenges in healthcare settings. The course addresses conflicts arising from financial interests, vendor relationships, and patient care decisions, emphasizing compliance with laws like the Stark Law and Anti-Kickback Statute. For entities, the course ensures health information reflects unbiased billing and referral practices. Vendors learn to design software that supports transparency, such as tracking disclosures, enhancing HIM integrity. Using real-world scenarios, the course provides strategies to mitigate risks. This training aligns health information with ethical standards, a shared priority for entities and vendors connecting at HIMSS 2025, ensuring compliant and trustworthy operations.
Summary
Healthcare entities and software vendors rely on learning compliance requirements to manage and design HIM effectively. The CITI Program courses noted are available at citiprogram.org and address these interdisciplinary needs and are self-paced and provide certificates of completion. The HIPAA and security suite of courses secure PHI and records, fraud and FCA courses prevent legal risks associated with recordkeeping, as it is the basis for coding and billing, and COI ensures ethical practices. While HIMSS 2025 will unite healthcare entities and vendors, learning the foundational requirements ensures HIM integrity daily.
