After its assessment of the marketplace, the AHA selected ecfirst.com because of its subject-matter expertise in healthcare, the technical excellence and depth of its HIPAA training programs, and its strong track record in serving the healthcare marketplace.

"Because of the complexity of HIPAA regulations and continuing challenges to the security environment, organizations have an ongoing need for training and education. We feel the endorsement of HIPAA Academy's training solutions, including their boot camp offerings, will help healthcare organizations maintain best practices through overall compliance," stated Tim Steffl, vice president of strategic alliances for AHA Solutions. "ecfirst.com, through its deep knowledge of legislations, such as HIPAA, and hands-on experience with solutions that help hospitals improve their compliance, provides an additional resource for AHA members who continue to face the challenges presented by the current regulatory environment."

"ecfirst.com's solutions can be helpful to hospitals and healthcare providers as they continue working to improve compliance with HIPAA security requirements, enhance the security of the digital infrastructure, and maintain the integrity of all electronic protected health information (EPHI)," said Uday Ali Pabrai, ecfirst.com chief executive and co-founder. "The American Hospital Association's endorsement of the quality and breadth of ecfirst.com's HIPAA training solutions is a strong validation of ecfirst.com's longstanding and successful support of the healthcare industry."

The HIPAA security regulations require certain healthcare payors, providers and healthcare clearinghouses to establish procedures and mechanisms to protect the confidentiality, integrity and availability of electronic protected health information, and to ensure the restoration of lost data. Acquisition of expert knowledge about these mandatory federal regulations and understanding applicable options for complete compliance can be a challenge to resources at hospitals and other healthcare providers. Compliance with the security rule cannot be achieved through new information systems alone, and the AHA is pleased to bring additional HIPAA resources to the forefront for its members. Improving compliance will require attention from a hospital's legal, compliance, and information technology departments.

The American Hospital Association is a not-for-profit association of health-care provider organizations and individuals committed to health improvement of their communities. The AHA is the national advocate for its members, which includes close to 5,000 hospitals, healthcare systems, networks, and other providers of care, and 37,000 individuals. Founded in 1898, the AHA provides education for healthcare leaders and is a source of information on healthcare issues and trends. For more information, visit www.aha.org.

AHA Solutions, Inc. is a subsidiary of the American Hospital Association that collaborates with companies to create strategic financial, technology, regulatory, employee benefit, and insurance products and services for healthcare professionals. It functions as a resource agency to AHA-member hospitals and other healthcare organizations. For more information, contact AHA Solutions at 800- 242-4677 or visit www.aha-solutions.org.

ecfirst.com is a leader with rich hands-on experience delivering world-class security regulatory compliance solutions. The ecfirst.com Regulatory Compliance Practice delivers deep expertise with its full suite of services that include contingency planning/Business Impact Analysis (BIA), vulnerability assessment, as well as managed security and IT infrastructure solutions.

ecfirst.com assists all types of organizations with their compliance initiatives for a secure information infrastructure that is compliant with the HIPAA regulation. ecfirst.com can help you with your HIPAA challenges and priorities. ecfirst.com solutions help your organization implement the security safeguards required as a result of the HIPAA legislation. ecfirst.com, an Inc. 500 business, serves a Who's Who client list that includes numerous hospitals, state and county governments, and hundreds of organizations. Talk to ecfirst.com and you will find an organization that is passionate about its services and devoted to its clients. Ask for a free copy of The Art of Information Security (limited to one per organization only).

For more information, please visit www.ecfirst.com.

HIPAA Academy delivers compliance solutions across the United States every day. Our deep knowledge of the HIPAA and Sarbanes-Oxley regulations is substantiated with hands-on experience implementing technical solutions in the healthcare industry. The HIPAA Academy introduced the industry's first, and today's leading, credentials for HIPAA skills certification: Certified HIPAA Professional (CHP) and Certified HIPAA Security Specialist (CHSS). For more information, please visit www.HIPAAacademy.Net.

Certified HIPAA Security Specialist (CHSS)
A core aspect of the HIPAA legislation is to secure electronic medical records. In this HIPAA Security boot camp we examine all defined HIPAA security specifications and identify options and solutions available to secure health care entities.

The HIPAA security provision will result in substantial investment in e-business initiatives and deployment of security technology specifically in the health-care and insurance industries. The Certified HIPAA Security Specialist (CHSS) training helps you understand the core elements for defining the framework towards HIPAA's security compliance. From this HIPAA security compliance training boot camp you will learn the following:

• Understand all required and addressable HIPAA Security implementation specifications
• Analyze international security standards, ISO's 17799 and the BS 7799
• Review core elements of a security policy document for a health care entity
• Examine security technologies that enable support for HIPAA's security requirements
• Review specific requirements and implementation features within each security category
• Identify core elements of a compliance plan that every health care entity is required to develop for business continuity and disaster recovery

Certified HIPAA Professional (CHP)
The Certified HIPAA Professional certification training helps you better understand HIPAA's Administrative Simplification Act as well as how to create a framework for initiating and working towards a blueprint for HIPAA compliance. From this boot camp you will learn the following about HIPAA:

• Understand why HIPAA requirements will cause significant changes in policies, procedures and processes within the organization in the handling of patient records.
• Examine how implementing HIPAA will affect the way healthcare entities organize and staff to achieve and monitor compliance with patient privacy/confidentiality needs.
• Step through qualifications and positioning strategies for a Chief Privacy Officer and requirements for a Chief Security Officer.
• Learn why HIPAA compliance is better focused as a business issue than as an IT issue, although IT will play a major role in implementing compliant systems.
• Review specific requirements and implementation features within each security category.
• Step through how to plan and prepare for HIPAA compliance. HIPAA is about awareness first, assessment second and finally action focused on gaps identified.

Certified HIPAA Administrator (CHA)
In this 1-Day HIPAA Administrator boot camp we examine the impact of the legislation from the perspective of end users, such as nurses and administrators, responsible for delivering and supporting health-care related services. From this Certified HIPAA Administrator Training you will learn the following about HIPAA:

• Overview of the HIPAA legislation and its impact on patients, providers and payment services.
• Understand changes that impact patient and medical records.
• Examine requirements for privacy of patient and payment information.
• Understand security requirements for all electronic medical information and systems.
• Analyze templates to get started with privacy compliance requirements.
• Examine key steps such as Gap Analysis and Remediation to initiate Privacy Rule-related projects and activities.