Health Insurance Portability and Accountability Act (HIPAA)

Covers the core elements of the federal Health Insurance Portability and Accountability Act (HIPAA) requirements.

Organizations
LEARN MORE
New Subscribers Current Subscribers
Learners EXPLORE COURSES

About these Courses

This series provides information on the core elements of the federal Health Insurance Portability and Accountability Act (HIPAA) requirements. The courses that comprise the HIPAA series focus on healthcare roles and types of activities since HIPAA’s requirements are largely conditioned by the purposes behind the collection, use, or disclosure of health information. Courses include:

Augmented penalties, audits, and required breach notifications under the Health Information Technology for Economic and Clinical Health (HITECH) Act's amendments to HIPAA have raised the stakes for healthcare organizations' compliance. The HIPAA courses are designed to help ensure HIPAA compliance, quality assurance, and risk reduction. The courses cover the HIPAA Privacy Rule, Security Rule, Omnibus Rule, and HITECH Act.

These courses are suitable for anyone who works with individually identifiable health data (HIPAA-defined "PHI") or has responsibilities for setting policies and procedures with respect to these types of data.

Organizational Subscription Price: Available as part of an organizational subscription package or for $675 per year/per site as a subscription add-on for government and non-profit organizations; $750 per year/per site as a subscription add-on for for-profit organizations.

Language Availability: English, Korean

Suggested Audiences: Business Associates, Clinicians, Compliance Officers, Fundraisers, Healthcare Providers, Individuals Working with Identifiable Health Data, Instructors, IRB Administrators, IRB Members, Marketers, Privacy Officers, Researchers, Students, Teachers

Basic Courses

HIPAA and HITECH for Business Associates

A review of HIPAA’s HITECH Act of 2009 geared toward business associates, vendors, and others subject to HIPAA.

file folder with a cross on it
HIPAA Basics for Healthcare Professionals
CME/CEU

Introduces healthcare professionals to the basic concepts and expectations of HIPAA.

tablet with stethoscope on top
HIPAA for Marketing and Fundraising Professionals
CME/CEU

This course is intended to cover HIPAA requirements as applicable for marketing and fundraising.

Icon of a face with a lock off to the side
HIPAA for Education and Research
CME/CEU

This course is intended to cover the core elements of HIPAA requirements as applicable for education and research roles.

cap and gown on a lock icon

FAQs

Who should take the HIPAA courses?

The HIPAA courses are designed for individuals working with identifiable health data. HIPAA requires that covered entities provide training to their employees. Business associates must also provide training to their employees who work with identifiable health data.

How long does it take to complete a HIPAA course?

The HIPAA Basics for Healthcare Professionals course consists of six modules, the HIPAA for Education and Research course consists of three modules, the HIPAA for Marketing and Fundraising Professionals course consists of three modules, and the HIPAA and HITECH for Business Associates course consists of three modules.

Each module contains detailed content and a quiz. Modules vary in length, and learners may require different amounts of time to complete them based on their familiarity and knowledge of the topic. However, they can complete them at their own pace. Modules are each designed to take about 10 to 45 minutes to complete.

Are HIPAA courses eligible for CME credits?

Yes, the HIPAA Basics for Healthcare Professionals, HIPAA for Education and Research, and HIPAA for Marketing and Fundraising Professionals courses currently have CE/CME credits available. The HIPAA and HITECH for Business Associates does not currently have CE/CME credits available.

What privacy topics are addressed?

The HIPAA courses include content on the basics of the federal HIPAA requirements and touch on state and local requirements. This foundation is supplemented by content that focuses on roles and types of activities because HIPAA’s requirements are largely conditioned by the purpose behind the use or disclosure of health information.

What is the recommended course setup?

For the HIPAA Basics for Health Professionals and HIPAA and HITECH for Business Associates courses, we recommend that all modules be set to “Required.”

For the HIPAA for Education and Research course, we recommend that the “Basics” module be required as a foundation, along with at least one of the role-specific modules, depending on the type of learner.

For the HIPAA for Marketing and Fundraising Professionals course, we recommend that the “Basics” module be required as a foundation, along with at least one of the role-specific modules, depending on the type of learner.

What is the recommended training frequency?

HIPAA regulations nor the federal agencies administering them offer specific guidance on the frequency of HIPAA-related training. It is up to each organization to determine when a “refresher” is appropriate. Sometimes state laws or organizational policies may provide a standard. Absent other considerations, we recommend retraining of some kind at least every three to four years.