What is HIPAA?

  • The Health Insurance Portability and Accountability Act of 1996
  • Monumental law that was passed to increase the efficiency of the healthcare system
  • Requirements and mandates for covered entities and business associates to follow

What type of organizations must provide HIPAA training?

  • Anyone who comes into contact with PHI must be trained
  • Covered entities

– Small physicians’ offices
– Doctors
– Nurse practitioners

How often is HIPAA Training required?

  • Training is required for each new employee shortly after they join the organization
  • Annual training is the appropriate timeframe to keep HIPAA top of mind for staff
  • Training should be provided whenever there is a change in working practice, technology or new guidelines

Areas to cover in a HIPAA training course

  • HIPAA Overview
  • Why HIPAA is important
  • HIPAA Privacy Rule
  • Patient Rights
  • HIPAA Security Rule
  • Threats to patient data
  • Safeguarding EPHI
  • Preventing HIPAA Violations

Role-based Training

  • Employees receive training based on what they do

– For example, a nurse has access to the protected health information of every patient, whereas a business associate does not. Each receives the training required to do their job effectively and in compliance.

Consequences of failing to provide adequate training

  • Some states can require HIPAA training, and failure to provide it can lead to fines being issued
  • Failure to provide training can expose an organization to regulatory scrutiny and failed audits
  • Employees can receive civil or criminal penalties

– Can lead to ethical violations
– Chance of loss of license
– Possible jail time