Start with 7 free days of training.

Gain instant access to our entire IT training library, free for your first week.
Train anytime on your desktop, tablet, or mobile devices.

This course will be retired in 250 days. If you have questions, please contact us.

This video training with Michael Shannon covers what IT professionals need to know to be successful to work in the healthcare industry, including regulatory requirements, IT operations, security and more!...
This video training with Michael Shannon covers what IT professionals need to know to be successful to work in the healthcare industry, including regulatory requirements, IT operations, security and more!

Recommended skills:
  • CompTIA A+ certification
  • At least 500 hours of IT experience
  • Familiarity with deploying and supporting healthcare IT systems in clinical settings

Recommended equipment:
  • Not applicable

Related job functions:
  • IT professionals

This Nugget course prepares you for real-world IT health care, and the CompTIA Healthcare IT Technician certificate exam. Healthcare Information Technology can be considered a combination of a health information management framework, a way to improve the delivery of patient services, and a facilitator of the coordination of patient care.

Trainer Michael Shannon and a guest healthcare expert will take you through HIT regulations; medical business operations; healthcare organization and operations; basic IT operations; network IT operations; document imaging; and basic to advanced healthcare security. If you're looking to improve your skills for the healthcare industry, or want to position yourself for a job in this fast-growing field, this is the course to watch!

 show less
1. Introduction to CompTIA Healthcare IT Technician (25 min)
2. Healthcare Regulatory Compliance Overview (50 min)
3. Regulatory Requirements (Part 2) (30 min)
4. Organizational Behavior (Part 1) (50 min)
5. Organizational Behavior (Part 2) (43 min)
6. Organizational Behavior (Part 3) (53 min)
7. IT Operations (Part 1) (60 min)
8. IT Operations (Part 2) (53 min)
9. IT Operations (Part 3) (59 min)
10. IT Operations (Part 4) (41 min)
11. IT Operations (Part 5) (61 min)
12. Medical Business Operations (Part 1) (41 min)
13. Medical Business Operations (Part 2) (47 min)
14. Medical Business Operations (Part 3) (53 min)
15. Security (Part 1) (62 min)
16. Security (Part 2) (61 min)
17. Security (Part 3) (44 min)
18. Healthcare IT Technician Exam Review (6 min)

Introduction to CompTIA Healthcare IT Technician


Well, hello and welcome to the CompTIA health care IT technician Nugget from CBT Nuggets. My name is Michael Shannon. And I am so excited to be with you this entire Nugget series to help you not only pass that certification exam for health care IT technician, but also to help prepare you for a exciting and profitable career in IT, specifically in the health care industry.


Now, you can see down here I've got some certifications. I'm a CCNP Security. So that's a Cisco professional security certification. But I also have certifications in Juniper and do Juniper security as well. I have the CISSP certification. And I have a specialization in HIPAA, CHSS.


That's the certified HIPAA security specialist. As a matter of fact, I was one of the first groups of people, the actual first class, to receive that specialization way back when HIPAA Academy was first giving out certifications, when HIPAA was just getting started.


So I've been doing this for a long time, working with IT with health care and the insurance industry. And let me tell you, that was a tough exam. Only half of us-- we all went to Iowa to study and test under Ali Pabrai, who is the head of HIPAA Academy and the one that's really on the forefront of HIPAA education.


We studied with him. And I only half of us passed the exam. So I was very fortunate. I also got the Certified HIPAA Professional Certification, the CHP, from HIPAA Academy. Now, I've got to tell you, I have been waiting a long time to have just this kind of certification that combines IT and security and health care.


In my opinion, it's been too long coming. But thankfully, CompTIA, that non-profit organization and advocate for the IT industry with 25 years in the industry, has provided this IT certification. I'm really excited about it. Now, here's one of the special things about this Nugget series.


I will be your primary trainer and instructor and your guide throughout this journey through health care IT technician. But I have, as my consultant and my technical reviewer-- and from time to time, we're going to hear from this person-- Shelly Smith, who has, oh, I don't know, decades of experience in the health care industry, especially on the administrative side in hospitals.


And she's very well-certified. And I have a ton of confidence in her. As a matter of fact, I have 100% confidence in her and her ability to review and to add input and to provide health care insight to me and to you as well. As a matter of fact, I went down to Austin where Shelly is, Austin, Texas, and interviewed her and got quite a few answers and information from her that I'm going to be distributing and interspersing throughout this entire Nugget series.


So let's listen to my first little interview with Shelley, as she gave us a little bit of her background and her experience that she's going to bring to the table in this CompTIA health care IT technician Nugget. OK. It's our privilege to have Shelley Smith here with us throughout this Nugget series as our medical industry consultant and technical reviewer.


So Shelly, tell us a little bit about your background. And what are you doing now in the industry? Hi, Mike. Well, thanks for having me. A little bit about my background. I have 30 years plus experience in the health information management field. I'm an RHIA, a certified coding specialist.


And I have a certification in clinical documentation improvement. The majority of my work has been hospital-based. I've worked in health information management for large networks of hospitals, including coding departments, risk management, quality assurance, HIPAA compliance, and, most recently, as a clinical documentation specialist.


OK. Well, that's just a small portion of much of the interview that we're going to be listening to throughout this Nugget series with Shelly from time to time. And like I said, I have the utmost confidence in her. She is not somebody that I went out and looked for somebody out on the internet or whatever.


She is actually my cousin. I've known her my entire life. And I have total confidence in her ability to make sure that this Nugget is going to be as good as it can be. So we'll be hearing more from her in the future. What I want to do now is I want to talk more about this particular certification and what are the objectives that we need to cover throughout this entire Nugget series.


Let's take a look at the domains of the health care IT technician certificate. OK. To certify as a health care IT technician, you're going to have to master five different domains. And you can see the bulk of our exam is going to cover domains 3, 4, and 5.


13% will be on Regulatory Requirements, domain 1. 15% is domain 2, Organizational Behavior. 26% is going to be IT Operations. 25% Medical Business Operations. And then 21% and will be domain 5, the Security domain. And in this CBT Nugget, I will cover every one of the sub-topics.


And we're going to go through all these in a second here. But I'll make sure that we have all of these bases covered so that you'll be more than prepared for this exam, but more than that, prepared to get out there in the real world and get a job with a health care organization.


Now, here's our exam. It is CompTIA exam HIT-001. On the exam, you're going to have 75 questions. And you've got one hour to pass those questions. It's a multiple choice type of test, multiple choice, multiple answer, or single answer. It is vendor neutral.


So there will not be any specific questions on, let's say, Microsoft or Linux or Sun Solaris Blade servers or particular security appliances. However, throughout this Nugget series, I will be using actual equipment. I'll be doing actual demonstrations to teach you the concepts and the principles and the methodologies.


Will you have to replicate those on the exam? No. But it's a great way for you to learn how to implement IT operations, how to implement security, right? And so we'll have some real-world demonstrations. And it will also help you, because chances are most shops you're going to be dealing with are going to be working with Microsoft, or Cisco, or Juniper.


So you'd be well prepared for some real-world scenarios. Now, to pass this exam, on a scale of 1 to 900, you have to get a 650 out of 900 to pass the exam. And the exam is administered in English only. So that's the HIT-001 exam. Let's break down these five different domains and the subtopics that we're going to be discovering and learning within each of those five domains.


OK. Our first two domains, Regulatory Requirements and Organizational Behavior, will make up about 28% of the exam. And we can see here, oh, I don't know, about nine objectives of those first two domains. First off, we'll be talking about identifying standard agencies, like HHS and ONC and CMS.


We'll talk about different laws, like HIPAA and high tech and different regulations. We'll even mention one of my favorite organizations, the NIST or the NIST. Then we'll explain and classify specifically HIPAA controls and HIPAA compliance issues. We'll define PHI.


We'll look at what a covered entity is. We'll look at basically some of the security violations, fines, and requirements. We even have an entire domain here on security. We won't steal too much from that domain. But we'll talk about other definitions as well that fall under HIPAA controls and compliance.


Then we'll summarize regulatory rules of things like retention of records, disposal of records, and archiving of records. How long are we going to store them? Different types of records-- public records, private records, legal/health records. And also, ways of disposing of our records-- destruction or disposition policies.


Then the final piece of domain 1 is to explain and interpret in a fundamental, rudimentary way legal best practices, requirements, and documentation. We'll talk about things like business associate agreements, service level agreements, waivers of liability, some things like that.


Then we'll get into domain 2, Organizational Behavior. We'll be using best practices for handling PHI. Maybe you're wondering what PHI stands for. PHI stands for personal health information or, more recently, protected health information. So we'll look at best practices-- where you're going to place your PC, using privacy screens, using screensavers, locking out of sessions, things like that.


We'll identify EHR and EMR access roles and responsibilities. EHR stands for electronic health records. And EMR stands for electronic medical records. We'll look at various medical roles, like an RN and an MD and a PA, those people you deal with quite often, office managers, staff.


We'll talk about different technical roles that you might have. We'll look at access for business associates and contractors. And we'll look at access limitations. In 2.3, we'll be looking at applying the proper communication methods in the workplace.


How do we deal with email and instant messaging or faxes? What kind of phone security do we have? Are we going to use secure file transfer protocol? Those kind of things, very practical. In 2.4, we'll look at organizational structures and different methods or different modes of operation-- organizational structures like hospitals, nursing homes, home health care, surgical centers, labs, those types of things.


And also at different methods, differences in the scope of their work, the resource availability, and how formal are your procedures. For example, they may be less formal in a hospice environment but much more formal in a hospital. Less formal in a private practice but more formal in a surgical center.


And then 2.5 is based on different scenarios and situations. We want to look at daily activities that also follow a code of conduct-- operating in a professional fashion, standard operating procedures in different areas of the facility, like the examination room versus the emergency room versus the recovery room, very practical things.


Look at adapting our social behavior based on environment sensitivity. For example, a surgical center that might be doing plastic surgery, for example, or reconstructive surgery, you may need to adapt your social behavior, because it's a much more sensitive environment then maybe just going into a normal private practice.


Also things like using proper sanitation and conforming to management directives. So those are our first two domains, a lot of things to learn, a lot of things to cover. And that leads this into our third domain, IT Operations. Now, the IT operations domain is the kind of thing you would find on the CompTIA A+ and the CompTIA Network+ certification path.


So if you're somebody who already has A+ knowledge and Network+ knowledge, you might be able to deprecate your study time in these nuggets, maybe just focusing on the things that are specific to health care-- EHR and EMR technologies. It just depends.


We're going to be really focusing all of this stuff on health care and medical facilities. So it's going to be very specific to those environments. But we'll look at different terminologies and technologies-- the TCP/IP stack and application layer services, like DNS and DHCP.


We'll talk about the importance of 802.11x, 11b, 11g, 11n, which is our wireless environment, and then maybe using things like remote desktop protocol and Citrix. We'll talk about different types of devices as well and some major industry terms that we have to know.


And also, we'll familiarize ourselves with some languages, things that are very common-- XML, HTML, Flash, maybe a little bit of database language as well. We need to be able to demonstrate the ability to set up a basic PC in our EHR or EMR environment.


And so we will make sure that we can do that. Obviously, having an A+ background would be beneficial to you. And CompTIA does recommend that you have A+ knowledge before you come into it. It's not a prerequisite. But knowing how to solve a simple PC problems, like how to deal with a mouse drivers and how to troubleshoot printers and power supplies and cabling, those things would help.


But again, I'm going to cover those things in this Nugget. So if you don't have A+ knowledge, that's OK. You're in the right place. That's why we're here, right? We'll also talk about the importance of having software patches and updates and service packs and hot fixes and the importance of documentation.


We'll look at installing and configuring hardware drivers and devices. We'll contrast and compare basic client networks and tools. And like I said, we'll be going through a wide variety of different devices here in my home lab to help us learn that. We'll look at applying basic configuration settings.


How do you set up your wireless router, for example? And we'll go ahead. And we'll do that here. I'll bring in a Cisco Linksys wireless router. And we'll go ahead and set it up like we would for a small private practice. We'll look at some of these features that we need to configure on our router, like DHCP for example.


We want to look troubleshooting common problems, like things with cabling, power problems, the right IP addressing settings, things like that, dealing with service providers. We'll talk about backups. That's important. Backup configurations. And we'll look at some different solutions we have, different types of backup, and different software solutions that you might want to use from a practical standpoint in your environment.


We'll classify different types of servers, different environments, as well as some of the pros and cons. And like I said, we'll compare and contrast EHR and EMR technologies and how they're implemented, like ASP and cloud services versus a locally-hosted client server environment.


Do we want to use just an ordinary browser? Or do we want to have our own kind of proprietary front-end. What about some hardware requirements? So those are our third domain, which is IT Operations. And from a practical standpoint, you may want to consider, going out there on the job market in the health care environment, if you could complement this IT health care CompTIA certification with A+ and Network+ and maybe even Security+.


That would be quite a tool kit, quite a resume of certifications to walk into when you're trying to get that first IT job in health care or maybe trying to move up in the health care IT industry. Something to think about. Here in module 4, we're going to look at Medical Business Operations.


And this is where I'm really going to rely upon the expertise in this subject matter expert, Shelly Smith, who I introduced you to a little bit earlier in this introductory Nugget. And she'll keep me honest, because I haven't dealt with everything that we're looking at here in these different medical business operations.


So she'll make sure that I have all the bases covered as we talk about different interfaces, medical terms and devices, interfaces like HL7, e-Prescribing, E/M codes, those kind of things, different devices, like portable x-ray machines, EKGs, ultrasounds, those kind of things.


We'll talk about clinical software and modules and some basic clinical terms, like imaging, STAT, which I've got kids in their '20s. And they use the word STAT as in, let's get this done in a hurry. Let's get it done right away. Well, you know what? It means the same thing in the medical field.


So we'll talk about things like trauma levels and code blue and rapid response. We'll talk about different types of medical departments-- inpatient versus outpatient. We'll look at different aspects of the typical clinical environment, your basic workflow to register patients, consult with patients, examine patients, different clinical processes.


We'll also see how digital signatures can come into play with that from a security standpoint. I'll just put dig sigs. We'll identify and label different components of medical interfaces. That will be very important. The three main areas here really are HL7, e-Prescribing, and billing.


So we'll focus on that. The same thing with common interface problems and escalation of problems or to tech support. That would be problems and challenges with HL7, and e-prescribing, medical devices, and billing. For example, are we having communication link problems?


Are we having network problems? We have to make sure that we have communication flow and a constant flow of reliable and available data when it comes to dealing with these things. We'll talk about the basics of document imaging, things that you maybe are already familiar with.


You know about gif files and jpg files-- jpegs. But what PDFs and TIFFs, PNG files. How are our documents being represented in image format? 4.6 here, different scenarios here for figuring out different clinical software problems, locating the affected modules, escalating procedures to the proper technical support tier.


We'll also, finally in the medical business operations domain, we'll describe change control best practices. And this is going to be involving you methodologies for change controls. Maybe you are implementing an ITIL implementation, which I teach the ITIL version 3 Foundations.


You may want to check that out from CBT Nuggets. We'll talk about the procedures for customization, for updating, for patching, for upgrading, scheduling, the change control mechanisms and dealing with the governance board or steering committees. So that's our fourth domain, Medical Business Operations.


This is all really interesting stuff. And you're going to learn so much about IT and the medical business from this CBT Nugget. It's really exciting. And I am looking forward to it. I've got one more domain to cover. That's really my expertise, my wheelhouse so to speak.


And that's security. Our final domain, our fifth domain, is Security. And that's so important, because it's part of the entire HIPAA initiative, which is in tight control of the health care industry. So we'll start looking at physical security controls.


There's three different types of security controls. There's administrative, which we're going to be dealing with. There's also logical. Those are things like access controls and file permissions and things like that. But there's physical security control.


And that's a really big area, making sure that you protect your servers and your network hardware and what's being spit out on your fax machine or your printers or your copiers, where you're going to place your devices. Are we going to use different types of authentication mechanisms?


Going beyond just user names and passwords. Are we going to have badges or key fobs or biometric mechanisms? What about environmental controls? Are we going to have protection for our HVAC system? Do we have file suppression? Do we have a backup generator?


Those types of things. And also, how to physically protect your facility with locks-- door locks, privacy screens, those types of things. We'll also look at encryption types. That's a very important aspect. Crypto systems are highly involved for protection of confidentiality.


So we'll look at types of encryption. We'll look at different communication mechanisms and different storage mechanisms and how we can protect those. We'll focus on, specifically, the dissemination of PHI, protected health information. Again, remember all of these things we have to think about in the context of health care and the medical field, very specific here.


Best practices for creating and communicating passwords. Permission levels based on a role-based access control model. Identify different remote access methods. What about VPNs? How do we use those? And what types of protocols are we going to use? Are we going to use terminal emulation to be able to access machines remotely?


We'll also spend quite a bit of time looking on wireless security. Now, one of the things here I need to point out to you is wireless is a whole animal in itself. And so I do not have the time to teach you wireless architecture and how wireless 802.11x, x how it works.


So if you're not familiar with wireless, you may want to go check out one of the other CBT nuggets. For example, let me show you. I'm up at the CBT Nuggets website. I'm looking under the wireless IT training. I mentioned the CWN. I produced all of this wireless stuff.


I'm a wireless specialist. I would recommend to you, if you have no knowledge of wireless, because I don't have the time to teach wireless. If you have it in your budget, or if you have it in your licensing, the Wireless# would be a really good way to go.


This is kind of the entry-level wireless certification. So it just talks about an introduction to the characteristics and the standards, RF fundamentals, and other technologies, wireless client devices, those types of things. This would be a really good place to start.


So I'm not trying to bait and switch you here or do any kind of upsell. What I'm saying, however, is that when I do wireless security, I'm going to be focusing just on the security aspect of it. And I'm going to work off the assumption that you have some basic fundamental knowledge of wireless networking.


So again, in the Network+ you could get some of that. Or you could go do that Wireless#. Either one of those would be good additions. And the reason why this is important is because there is so much a wireless networking in hospitals and in clinics and in private practice.


It's such a ubiquitous technology, because it facilitates the use of hand-held devices and proprietary medical devices and roaming throughout the facility and the hospital and from one building to another on the medical campus. So it's such an important thing.


So I don't want you to get short-changed on that. You may want to add that to your knowledge base to be as successful as you can as a health care IT professional. We'll look at best practices in the secure disposition of electronic personal or protected HI or physical HI, things like sanitizing and shredding and de-gauzing.


We'll implement backup procedures. And earlier in this Nugget, I will give you an overview of backup. But we'll also go farther with that and look at disaster recovery. What are some good methods of disaster recovery? This is such a mission critical field, such a mission critical sector.


People's lives depend upon us. And so this is a really important area, disaster recovery. And we'll finish up this entire Nugget series identify some common security risks and prevention methods. There's some basic things that are covered in the objectives from CompTIA, like social engineering and the spamming and spimming and malware and spyware.


But I'll go a little bit further. And I'll get real, real world with you and talk about some of the most recent things we're dealing with here from a security vulnerability standpoint, especially as far as malware goes. So that is pretty much our five domains.


Domain 1, Regulatory Requirements at 13%. Domain 2, Organizational Behavior at 15%. IT Operations, domain 3, at 26%. Domain 4, Medical Operations at 25%. And finally, a dedicated domain on security at 21%. Well, I'm confident with this intro Nugget here for the CompTIA health care IT technician Nugget that you've got a good idea of what we're going to do.


You've got a good idea of the journey we're going to be going on. On behalf of myself, Michael Shannon, and Shelly Smith, we're looking forward to helping you become the most successful health care IT technician possible. And so we're ready to dig in, learning about standard agencies, some of the laws we deal with, and some of the regulations.


And we'll hear from Shelly there as well really in our first content Nugget. So I hope this CBT Nugget was informative for you. I want to thank you for viewing.

Healthcare Regulatory Compliance Overview

Regulatory Requirements (Part 2)

Organizational Behavior (Part 1)

Organizational Behavior (Part 2)

Organizational Behavior (Part 3)

IT Operations (Part 1)

IT Operations (Part 2)

IT Operations (Part 3)

IT Operations (Part 4)

IT Operations (Part 5)

Medical Business Operations (Part 1)

Medical Business Operations (Part 2)

Medical Business Operations (Part 3)

Security (Part 1)

Security (Part 2)

Security (Part 3)

Healthcare IT Technician Exam Review

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
14 hrs 18 videos


Training Features

Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Our iOS and Android mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Develop and maintain a study plan with one-to-one assistance from coaches.

Supplemental Files
Files/materials that supplement the video training.

Speed Control
Play videos at a faster or slower pace.

Included in this course
Pick up where you left off watching a video.

Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Follow what the trainers are saying with ease.