Lifelong Learning for a Brighter World

Corra, McMaster University Continuing Education Health Information Management graduate Corra, McMaster University Continuing Education Health Information Management graduate

Health Information Management

Managing information throughout the health care system.

Learn more today!

HTH 106 - Managing Health Privacy & Security- Winter 2020

Academic Credit Value:
3 units
Course Delivery Mode:
Hours of Study:
36 hours
Course Prerequisite(s):
HTH 103
Course Anti-requisite(s):
Instructor Name:
Charmaine Shaw, CHIM
Course Dates:
02/24/2020 - 04/26/2020

Required Course Materials:
Reading material is posted on Avenue to Learn
Optional Course Materials:
Course Description:
This course is a continuation of the Privacy, Confidentiality and Security course. The course will explore the various aspects of managing health privacy issues, confidentiality and access to health information. In particular, the course will examine the tools used to manage, control and disclose health information within organizations, taught within the framework of risk management. Learners will engage in activities to highlight the collaborative nature of the roles, responsibilities and professional standards between Health Information Managers. Emphasis will be placed on the learner's ability to evaluate, analyze and apply concepts from this course, and the Privacy, Confidentiality and Security course, in order to promote their knowledge and skills at the local, organizational level as well as the overall health care system.
Learning Outcomes:
: Upon completion of this course, students will:
• Apply privacy, security and confidentiality principles in health information practice
• Employ appropriate tools to manage privacy in the health care setting
• Calculate risk using Privacy Impact Assessment and Threat Risk Assessment tools
• Measure and sustain privacy management program
• Conduct research of academic sources and critically analyze articles and information
• Communicate effectively for verbal and written course requirements and activities
• Adhere to ethical codes of conduct as a McMaster student and Health Information Management professional
Course Evaluation
The final grade is calculated based on the following components:
Discussion Posts: 20%
Case Studies: 80% (Five case studies will be assigned; each study is weighted equally)
Course Format:
This course is designed to present the fundamental concepts and theories in privacy, confidentiality and security and promote the application to the workplace and professional practice. Course activities will include instructor presentations, required readings and experiential learning activities (i.e. case studies, group discussions, projects, etc.).
Assignment Submission:
Course assignments are submitted to the appropriate A2L Assignment folder by the specified due date
Late Coursework:
Late submissions will be penalized 2% per day (including weekends and holidays) up to seven (7) days past the due date unless otherwise specified.  After seven days, the Assignment folder will close, no further assignments will be accepted, and a grade of “0” will be assigned for the course work item. No late assignments will be accepted after the course’s official end date. Requests for extensions must be submitted to the Instructor before the assignment due date (refer to the course and program policies).  Extensions are permitted for exceptional circumstances only; supporting documentation may be requested. 

Policy & Procedures:

Academic Regulations (Attendance, Coursework, Tests/Exams):
In accordance to McMaster University’s General Academic Regulations, “it is imperative that students make every effort to meet the originally scheduled course requirements and it is a student’s responsibility to write examinations as scheduled.” Therefore, all students are expected to attend and complete the specific course requirements (i.e. attendance, assignments, and tests/exams) listed in the course outline on or by the date specified. Students who need to arrange for coursework accommodation, as a result of medical, personal or family reasons, must contact the course instructor within 48 hours of the originally scheduled due date. It is the student’s responsibility to contact the Program Manager to discuss accommodations and procedures related to deferred tests and/or examinations within 48 hoursof the originally scheduled test/exam, as per policy. Failure to contact the course instructor, in the case of missed coursework, or the Program Manager, in thecase of a missed test/examination, within the specified 48-hour window will result in a grade of zero (0) on the coursework/exam and no further consideration will be granted.

*Note: Supporting documentation will be required but will not ensure approval of accommodation(s).
Academic Integrity
You are expected to exhibit honesty and use ethical behaviour in all aspects of the learning process. Academic credentials you earn are rooted in principles of honesty and academic integrity. Academic dishonesty is to knowingly act or fail to act in a way that results or could result in unearned academic credit or advantage. This behaviour can result in serious consequences, e.g. the grade of zero on an assignment, loss of credit with a notation on the transcript (notation reads: “Grade of F assigned for academic dishonesty”), and/or suspension or expulsion from the university.

It is your responsibility to understand what constitutes academic dishonesty. For information on the various types of academic dishonesty please refer to the Academic Integrity Policy, located at

The following illustrates only three forms of academic dishonesty:
Plagiarism, e.g. the submission of work that is not one’s own or for which other credit has been obtained.
Improper collaboration in-group work.
Copying or using unauthorized aids in tests and examinations.
Academic Accommodations:
Students with disabilities who require academic accommodations must contact the Student Accessibility Centre (SAS) to meet with an appropriate Disability Services Coordinator. To contact SAS, phone 905-525-9140 ext. 28652, or email For further information, consult McMaster University’s Policy for Academic Accommodation for Students with Disabilities.
On-line Elements:
In this course, we will be using on-line elements, which may include email, Avenue to Learn, WebEX, and external web sites.  Students should be aware that, when they access the electronic components of this course, private information such as first and last names, user names for the McMaster e-mail accounts, and program affiliation may become apparent to all other students in the same course. The available information is dependent on the technology used. Continuation in this course will be deemed consent to this disclosure. If you have any questions or concerns about such disclosure please discuss this with the course instructor.
In this course, we will be using a web-based service ( to reveal plagiarism. Students will be expected to submit their work electronically to and in hard copy so that it can be checked for academic dishonesty. Students who do not wish to submit their work to must still submit a copy to the instructor. No penalty will be assigned to a student who does not submit work to All submitted work is subject to normal verification that standards of academic integrity have been upheld (e.g., on-line search, etc.). To see the Policy, please go to McMaster Academic Integrity Policy.
Course Changes:
The instructor reserves the right to modify elements of the course and will notify students accordingly.
Course Withdrawal Policy:
Policies related to dropping a course and course withdrawals are posted to the Centre for Continuing Education’s program webpage, FAQs & Policies (
Grading Scale:


Equivalent Grade Point

Equivalent Percentages








































Course Schedule:




Module One |Week 1

What makes a privacy management program?

· Review Module #1 course material

· Post message to Welcome discussion board

· Discussion board post #1

Module Two | Week 2

Privacy Program Management

· Review Module #2 course material

· Complete and submit Case Study #1

Module Three| Week 3

Categorizing Types of Information

· Review Module #3 course material

· Discussion board post #2

Module Four A | Week 4

Application of Legislative Requirements

· Review Module #4A course material

· Discussion board post #3

Module Four B | Week 5

Release of Information

· Review Module #4B course material

· Complete and submit Case Study #2

Module Five|Week 6

Consent and Breach Management

· Review Module #5 course material

· Complete and submit Case Study #3

Module Six | Week 7

Privacy Training & Education

· Review Module #6 course material

· Complete and submit Case Study #4

Module Seven | Week 8

Privacy Impact Assessment & Threat Risk Assessment

· Review Module #7 course material

· Discussion board post #4

Module Eight | Week 9

Control and Monitoring Access

· Review Module #8 course material

· Case Study #5. 

Module Nine|Week 10

Privacy Metrics

· Review Module #9 course material