George Mason University

Menu

College of Health and Human Services

Certificate in Health Care Security & Privacy

Point of Contact
Dr. Janusz Wojitusiak
Phone: 703-993-4148
Email: jwojtusi@gmu.edu

The curriculum is expected to enhance the skills of Directors responsible for information and physical Security at area hospitals, nursing homes, public agencies, insurance companies, and other health care agencies. The curriculum is expected to improve the effectiveness of these directors in bringing about change within their own organization and in coordinating their activities with their counterparts in public and private agencies.

Sequence of Courses

Courses can be taken in any sequence. The recommended sequence is in the order of course numbers.

Admission Policy

Students applying to the Certificate program must have a bachelor's degree and complete the application to the University. Two letters of recommendations are needed. Knowledge of health care system and design of databases is not required but students without this knowledge are required to take additional courses. Application is made through the College of Health and Human Services.

Effective Date

The Certificate Program will commence in the Fall Semester, 2006. *Note Date Change

Program of Study

Students are expected to have:

  1. Broad health care experience (or alternatively take HAP 678) and
  2. Knowledge of health care databases (or alternatively take HAP 709 or INFS 601)
  • Required Courses
    • HAP 525 (3:3:0)
      Risk analysis in Health and Bioscience
      Explores assessing risk at the time of increased threats, and driving the information security program of healthcare organization. Includes qualitative and quantitative risk analysis models, risk analysis life cycle, and methods of evaluating validity and reliability of existing indices. Covers existing tools for risk assessment, and procedures for constructing new risk indices.
    • HAP 610 (3:3:0)
      Maintaining Business Continuity for Health Care
      Considers potential types of catastrophes, their likely impact, and how the organization could continue to serve its mission and community in aftermath. Explores interdependences among various components of healthcare delivery system, regional health services, disaster planning, business record protection, patient information and information systems protection, manpower planning, professional credentialing, access to supplies and drugs, and financial implication and resources.
    • INFS 565 (3:3:0)
      Database and Distributed Systems Security Principles
      Prerequisite: permission of instructor. An introduction to information and distributed system security fundamentals. Topics include notions of security, threats and attacks; legal-ethical issues; security evaluation; data models, concepts, and mechanisms for database and distributed system security; inference in statistical databases; basic issues in operating system, application and network security.
    • HAP 746 (3:3:0)
      Advance Seminar on Security
      Describes new methods to manage and verify identity of patients and providers. Includes issues related to identity management in electronic and physical domains. Includes discussion of continuity of care, referral process, patient recruitment, and follow-up of community clinic visits. Includes emerging topics in healthcare security and new role of compliance officers.
    • HAP 745 (3:3:0)
      Health Care Security Policy
      Focuses on health security, privacy policy, and compliance issues Students develop policies for threats faced by facilities. Discusses legal and business policies for facility, personnel, travel, information, and patient security.
  • Total = 15 credits

Explanation of Credit Hours
Course titles are followed by numbers in parentheses (0:0:0), separated by colons. The numbers have the following significance:

  • First Number: credits for the course
  • Second Number: hours of lecture or seminar per week for the course
  • Third Number: hours of laboratory for the course

For independent study, readings, topics, or similar courses, individual instructors set hours.

To accommodate traveling compliance officers and executives, each course is offered over two weekends, starting from Friday and ending on Sunday. Additional work is done by email and online in between the two weekends. A course is scheduled every quarter. Here is the schedule of courses:

Course

Typical Schedule
Risk analysis in
Health and Bioscience		 2nd weekend of September and October
Maintaining Business
Continuity for Health Care		 2nd weekend of November and December
Database and Distributed
Systems Security Principles		 2nd weekend of June and July
Advance Seminar on Security
 2nd weekend of January and February
Health care Security Policy 2nd weekend of March and April