Try our HIPPA eLearning for 7 days at no cost

HIPAA Compliance Training

As people move through life, their Protected Health Information (PHI) should move with them to enable easier access to health information and an improved, more efficient healthcare system. The Health Insurance Portability and Accountability Act (HIPAA) enables this flow of health information so that medical professionals can make informed decisions and professional judgments and provide the appropriate level of care at the right time.

We offer an online HIPPA compliance training course that covers HIPAA essentials like covered entities, business associates, the HIPAA Security Rule, and the HIPAA Privacy Rule.

This interactive, engaging HIPAA compliance training course will help ensure employees understand their responsibilities when it comes to complying with HIPAA and help protect your company from potentially costly HIPAA breaches.

Compliance Training - Responsiveness
iPhone, Android, Tablet, and desktop devices – seamless playback and tracking
Compliance Training - Easiness
Easily add your own learning screens to enhance stock content
Compliance Training - Single Enterprice Licence
Single enterprise licence covers your entire workforce, including contractors
Compliance Training - Availability
Available in 20+ languages, with compliance training resources for local market regulations

Video: What is HIPAA? Healthcare organizations and professionals are obliged to protect you and the information they hold about you. HIPAA ensures that the use and disclosure of PHI held by medical practices is strictly controlled to protect you.

Interactive Screen: What is PHI? PHI Identifiers. Anonymizing PHI. HIPAA Privacy and Security Rules.

Interactive Screen: Healthcare Plans. Healthcare Providers. Healthcare Clearinghouses. Business Associate. Covered Entities and Business Associates.

Interactive Screen: Examples of HIPAA violations.

Scenario: What is protected under HIPAA?

Key Learning: An individual’s PHI has 18 identifiers under HIPAA, and if even one of those identifiers is present in a healthcare-related document, the contents of the document are protected under HIPAA rules.

Scenario: Steps to take to ensure the safety of PHI.

Key Learning: Although many business associates operate with third-party suppliers, once those suppliers have access to PHI they are now considered liable under the HIPAA Privacy and Security rules. This downstream responsibility is commonly known as the “Chain of Trust” between covered entities and their business associates and subcontractors.

Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: The Privacy Rule and covered entities. Details of when covered entities can disclose an individual’s PHI, without obtaining written consent.

Text and Image Screen: The Privacy Rule and Business Associates. Business Associate Agreement.

Interactive Screen: Minimum necessary standard. Internal access and users. Disclosures and requests for disclosures. Reasonable reliance.

Interactive Screen:  Safeguarding PHI. Privacy Officer. Workforce training and management.

Scenario: Request for PHI from a doctor.

Key Learning: The Privacy Rule allows for flexibility in the flow and exchange of PHI between medical entities and their associates, but not at the cost of unnecessary disclosures or revealing too much sensitive PHI for the intended purpose.

Scenario: Rules that need to be adhered to by a business associate when accessing PHI from a healthcare provider.

Key Learning: The Privacy Rule requires business associates, and any subcontractors, to have appropriate safeguards in place protecting the healthcare information they receive or create on behalf of the covered entity.

Assessment: Five-question quiz on the content presented in this topic.

Interactive Screen: ePHI. Rule requirement. Required and addressable safeguards. NIST standards.

Interactive Screen: Administrative safeguards. Assigned security responsibility. Information access management. Security management process.

Interactive Screen: Technical safeguards. Access controls. Audit controls. Integrity controls. Transmission security.

Text and Image Screen: Physical safeguards. Facility access and control. Workstation and device security.

Scenario: The supports that must be in place supports when managing ePHI as a business associate.

Key Learning: All compliant covered entities and business associates must have an assigned security person to help develop and implement policies and procedures for their staff.

Scenario: The policies and procedures that should be in place to ensure ePHI is HIPAA compliant.

Key Learning: Members of staff should have appropriate access to ePHI specific for their role, and this should be implemented via safety permissions on the systems to which they have access.

Assessment: Five-question quiz on the content presented in this topic.

Summary screen that wraps up the module and provides details of where to go to speak up.

Attestation screen where learners attest that they will always adhere to HIPAA and protect any PHI they come into contact with.

More about HIPAA Compliance Training

The HIPAA Privacy and Security Rules set requirements for protecting the privacy and security of an individual’s PHI to ensure that it is only used for health-related purposes, unless they give permission to share it otherwise. Any organization that creates, receives, maintains, transmits, or processes PHI is subject to HIPAA Privacy and Security rules. These organizations are known as covered entities and business associates. Covered entities include healthcare plans, healthcare providers and healthcare clearing houses

The primary goal of the HIPAA Privacy Rule is to secure individuals’ PHI, but it must also support the flow of PHI to enable efficient levels of care. To do this, the Privacy Rule sets national standards for when covered entities can disclose an individual’s PHI, without obtaining written consent, in certain situations.

While the HIPAA Privacy Rule protects the use and disclosure of all PHI, the Security Rule protects a subset of this, which is all individually identifiable health information that covered entities or business associates create, receive, maintain, or transmit in electronic form. This is known as “ePHI.” The Security Rule does not apply to any PHI transmitted orally or in writing.

Our HIPAA compliance training provides employees with the knowledge required to understand and apply the HIPAA Privacy and Security Rules and help ensure that they handle PHI appropriately at all times.

Book a Demo