CompTIA Healthcare IT Technician

1.0 Regulatory Requirements

1.1Identify standard agencies, laws, and regulations.

·    HHS

·    ONC

·    CMS

·    HIPAA

·    Medicare

·    Medicaid

·    ARRA

·    HITECH

·    Meaningful use

·    Eligibleprovider

·    NIST

1.2 Explain and classify HIPAA controls and compliance issues.

·    PHI

·    Covered Entity

·    Security

·    HIPAA Security

oViolations

oFines

oRequirements

·    Releaseof information

·    Access permissions

1.3 Summarize regulatory rules of record retention, disposal, and archiving.

·    Documentation requirements

oTime ofstorage

·    Types of records

oPublicrecords

oPrivate records

oLegal health record

·    Methods ofrecord disposal

1.4 Explain and interpret legal best practices, requirements, and documentation.

·    Waivers of liability

·    Business AssociateAgreements (BAA)

·    Third partyvendorreview and agreements (SLA,MOU)

2.0 Organizational Behavior

2.1 Use best practices for handling PHI in theworkplace.

·    PC placement

·    Privacyscreens

·    Printer placement

·    Screensavers

·    Time lockout

2.2 Identify EHR/EMR access roles and responsibilities.

·    Medical roles

oMD oRN oPA oDA

oPCT

oMA

oNUC

oUA

oLPN

oPM

oOfficeMgr.

oStaff

·    Technical roles

oSecurity administrator

oNetworkadministrator

oSystem administrator

oDesktop support

oDatabaseadministrator

·    Business Associate Access and Contractor Access

·    Access limitations based on role and exceptions

oEmergency access (break the glass)

·    Access based on sensitive patient data

oSensitivity labels and clearance

2.3 Apply proper communication methods in the workplace.

·    Email

·    IM vs. securechat

·    EMR system

·    Fax

·    SecureFTP

·    Phone

·    VoIP

2.4 Identify organizational structures and different methods of operation.

·    Organizational Structures:

oHospital

oPrivate practice

oNursing homes

oAssisted living facilities

oHome healthcare

oHospice

oSurgica centers

·    Methods:

oDifferences in scope of work

oAvailability of resources

oFormality of procedures

2.5 Given a scenario, execute daily activities while following a code of conduct.

·    Communicate in aprofessional fashion

·    Adapt procedural behavior according to different situations and environments

·    Imaging room

oProcedural room

oRecoveryroom

oExamination room

oFloat room

oEmergency room

·    Adapt social behavior based on sensitivity of the environment

·    Use proper sanitation steps– follow medical precautionary guidelines

·    Conform to requirements set forth by project manager

3.0 IT Operations

3.1 Identify commonly used IT terms and technologies.

·    Protocol terms:

oTCP/IP oDNS

oDHCP

oFTP

oWireless (802.11x)

oRDP

·    Devices:

oSwitch

oDomain controller

oPrinter server

·    Industry terms:

oASP

oISP

oClient-server model

oMainframe

oCloud Computing

oVirtualization

oTerminal services

oAPIs

oFiber

·    Languages:

oXML

oSQL

oHTML

oFlash

oPHP

oASP

3.2 Demonstrate the ability to setup a basic PC workstation within an EHR/EMR

environment.

·    Basic installation, configuration and maintenanceprocedures

·    Basics ofoperatingsystems, mouse,keyboard, monitor and applications

3.3 Given a scenario, troubleshoot and solve common PC problems.

·    Malfunctioning hardware

o Mouse o Printer oPower

oMonitor

oCables

·    Software patches/hotfixes/updates

·    Documentation

3.4 Install and configure hardware drivers and devices.

·    Imaging devices:

oBarcode scanner

oDocument scanner

oCard/badge scanner

oFaxprinter

oCamera

oSignature pads

·    Physical interfaces:

oUSB

oIEEE 1394

oSCSI

oSerial

oBluetooth

·    Mobile storage devices:

oFlash drives

oExternal hard drives

oDVDs

oCDs

oTapes

oSD cards

·    Mobile devices:

oTablet PCs

oSmart phones

oPortablemediaplayers

3.5 Compareand contrast basic client networks and tools.

·    DHCPvs. staticIP

·    Adhocvs. infrastructure

·    Command line prompts

oping

oipconfig

otracert

3.6 Setup basic network devices and apply basic configuration settings.

·    Wireless access point

oSecurity settings

oSSID

oGuest network

oAccess point placement

·    Router

oDHCP

oPort forwarding

·    Internet modem

3.7 Given a scenario, troubleshoot and solve common network problems.

·    Cabling

·    Power

·    IPsettings

·    ISP

·    Interference

·    Signal issues

3.8 Explain the features of different back up configurations and the associated maintenance practices.

·    Daily

·    Differential

·    Incremental

·    Archive flags

3.9 Classify different server types, environments,features, and limitations.

·    Databaseserver

·    Application server

·    Interfaces

·    Physical connections  

·    Server loadand utilization

·    Application services

·    OS and application interoperability

·    Storage space limitations based on application usageand electronic record storage

3.10 Compare and contrast EHR/EMR technologies and how each is implemented.

·    ASP/Cloud vs. client-server (locally-hosted)

·    Browser vs. installed application vs. terminal/remoteaccess

·    Hardware requirements

4.0 Medical Business Operations

4.1Identify commonly used medical terms and devices.

·    Interfaces:

oHL7

oe-prescribing

oCCD

oCCR

oICD10

oCPT

oSnowmed

oNDCID

oPACS

oE/M codes

·    Devices:

oPortablex-raymachine

oMRI

oVitals cuff

oEKG

oEEG

oUltrasound

oPET

oCT

oVascular/Nuclear StressTest

oGlucosemonitor

·    Clinical softwareand modules:

oPatient tracking

oScheduling

oOrderentry

oPracticemanagement

oBilling/coding

oTracking/auditing

·    Basic clinical terms: 

oImaging

oPCP

oStat

oAcuity

oCodeblue/rapid response

oTrauma levels

oControlled substance(levels)

oEHR/EMR

·    Common medical departments:

oInpatient:     

oOutpatient

§    OBGYN

§    ONC

§    PEDS

§    FBC/L&D/Stork/NICU

§    ICU/CCU

§    TCU/PCU

§    MED/SURG

§    BehaviorHealth

§    PACU

§    OR/UR

§    ER

§    OBGYN

§    ONC

§    PEDS

§    Plastic Surgery

§    ENT

§    Respiratory

§    Physicaltherapy

§    Cardiovascular

§    Occupationaltherapy

§    Ambulatory/Daysurgery

§    Radiology

§    Laboratory

§    Ophthalmology

§    Dermatology

§    Nuclear

4.2 Explain aspects of a typical clinical environment.

·    Basic workflow:

oRegistration

o Consultation oExamination

·    Clinical processes:

oComputerized physician order entry

oTranscription

oDictation

oReferrals/consults

oDigital signatures

4.3 Identify and label different components of medical interfaces.

·    HL7:

oStandard contents

oProvider types

oAL1

oBLG

oIN1

oMSH

oOBR

oPID

oSCH

·    e-prescribing:

oMedication reconciliation

oBedside medication verification

oAllergyinteractions

oFormularychecking

·    Billing:

oEMR/EHR outbound communication

oTypes of codes

oClearinghouse

4.4 Determine common interface problems and escalate when necessary.

·    HL7:

oThreads/nodes deactivated

oImproperly formatted patient demographics

oCommunication link (fax, network, internet)

·    e-prescribing:

oImproperly formatted patient demographics

oImproperly formatted script

oDeactivated medication

oControlled substance

oCommunication link (fax, network, internet)

·    Medical devices:

oPower

oNetwork

oI/O

oConfiguration settings

·    Billing:

oImproperly formatted patient demographics

oImproperly formatted superbill

oCommunication link (fax, network, internet),

oI/O

oSoftwareconfiguration settings

4.5 Explain the basics of document imaging.

·    Filetypes:

oTIFF oPDF oJPG oGIF

·    Characteristics: oQuality oSize

oResolution

oCompression

·    Scanning and indexing:

oMetadata

oStorageand retrieval

·    OCR and structured data

4.6 Given ascenario, determine common clinical software problems.

·    Locate theaffected modules orfields

·    Determinefile/datatypes

·    Escalation procedures toproper support tier

oVendoror local application support

4.7 Describe change control best practices and its system-wide effects.

·    Procedural systematic customization

·    Governanceboard

·    System patching/updates

·    Appropriate scheduling

·    Changecontrol environments:

oDevelopment

oQA/Test

oUser test

oProduction/live

5.0 Security

5.1 Explain physical security controls.

·    Locations for:

oServers

oNetworkhardware

oPrinters

oScanners

oCopiers

·    Access:

oServers

oOffice

oData closet

oIDF/MDF

oBackups

oKeyfobs

oBadges

oBiometrics

·    Environmental

oHVAC

oSecuritylighting

oSurveillance

oFiresuppression

oPersonnel

oGenerator

·    Office hardware

oLocks

oDoorlocks

oBiometrics

oPrivacyscreens

oUPS

5.2 Summarizethe different encryption types andwhen each is used.

·    Types:

oSSL o DES oAES

o3DES

oPGP

·    Communication:

oEmail

oChat

oSmart phone

oCollaboration sites

oFTP sites

oPhone

oVoIP

oFax

·    Storage:

oFlash drives

oPCs

oLaptops

oSD cards

oExternal drives

oServers

oNAS

oSANS

·    Dissemination of PHI

5.3 Applybest practices when creatingand communicating passwords.

·    Communication ofpasswords

·    Storageof passwords

·    Password strength (complexity/length)

·    Password reuse

5.4 Classifypermission levels based onroles.

·    Read

·    Write

·    Modify

·    Fullaccess

5.5 Identify different remote access methods and securitycontrols.

·    RDC

·    VPN

·    Remotecontrol applications

·    Terminal emulation

·    L2TP

·    SSH

·    HTTPS

·    SFTP

5.6 Recognize wireless security protocols and best practices.

·    WEP

·    WPA

·    WPA2

·    AES

·    RADIUS

·    SSID naming

·    MAC filtering

·    Sitesurveys

·    Access point placement