Course Information and FAQ - HIPAA
Updated by Lyndsay
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that protects sensitive patient health information from being disclosed without the patient's consent or knowledge. Every person and organization working in healthcare or accessing protected health information must be trained on HIPAA to avoid costly fines and penalties.
After taking this course, learners will be able to demonstrate best practices to protect the privacy and security of personal and protected health information and comprehend what actions can cause HIPAA violation.
HIPAA For Covered Entities - If you are a health care provider, a healthcare clearinghouse, or a health plan, you are a Covered Entity. Health plans include health insurance companies and employee health plans. This course covers HIPAA training mandates for all US states, except Texas and Florida, which have additional privacy training requirements.
HIPAA For Business Associates - Any vendor who helps a Covered Entity create, receive, maintain, or transmit Protected Health Information is a Business Associate. This course covers HIPAA training mandates for all US states, except Texas and Florida, which have additional privacy training requirements.
HIPAA For Business Associates: Florida and HIPAA For Covered Entities: Florida - Cover the full HIPAA courses, and special requirements for employees working in Florida, including FIPA
HIPAA For Business Associates: Texas and HIPAA For Covered Entities: Texas - Cover the full HIPAA courses, and special requirements for employees working in Texas, including HB300
- Introduction & Overview
- The Privacy Rule
- Minimum Necessary Requirement
- How and When to Use PHI
- Individual Rights
- Business Associate Agreement
- The Security Rule
- The Enforcement Rule
- The Breach Notification Rule
- HIPAA Timeline and Updates
Do my employees need HIPAA for Business Associates or HIPAA for Covered Entities?
We cannot legally advise which course your employees should take, since every organization is unique. However, we can provide the following guidelines:
- If you are a health care provider, a healthcare clearinghouse, or a health plan, you are a Covered Entity. Health plans include health insurance companies and employee health plans.
- Any vendor who helps a Covered Entity create, receive, maintain, or transmit Protected Health Information, or PHI for short, is a Business Associate.
If you have more specific questions, you can find out more on the U.S. Department of Health & Human Services website here.
Is your training compliant for my state? Yes. HIPAA is a federal mandate, and so is the same for nearly all states, and our courses are designed and reviewed by HR experts and attorneys to assure compliance. Exception: Florida and Texas have their own versions, since these states have added their own stipulations on top of HIPAA's mandates.
How often does my staff need to take this training? While HIPAA doesn't specify a training frequency, it requires employees to renew their training “periodically.” Most organizations consider it best practice to renew this training annually, since there may be updates that need to be covered, and to keep HIPAA fresh in the mind of employees.