What is HIPAA?
- The Health Insurance Portability and Accountability Act of 1996
- Monumental law that was passed to increase the efficiency of the healthcare system
- Requirements and mandates for covered entities and business associates to follow
What type of organizations must provide HIPAA training?
- Anyone who comes into contact with PHI must be trained
- Covered entities
– Small physicians’ offices
– Doctors
– Nurse practitioners
How often is HIPAA Training required?
- Training is required for each new employee, shortly after they join the organization
- Annual training is the appropriate timeframe to keep HIPAA top of mind for staff
- Training should be provided whenever there is a change in working practice or technology, or when new guidelines are issued
Areas to cover in a HIPAA training course
- HIPAA Overview
- Why HIPAA is important
- HIPAA Privacy Rule
- Patient Rights
- HIPAA Security Rule
- Threats to patient data
- Safeguarding EPHI
- Preventing HIPAA Violations
Role-based Training
- Employees receive training based on what they do
– For example, a nurse has access to the protected health information of every patient, whereas a business associate does not. Both receive the training required to do their jobs effectively and in compliance.
Consequences of failing to provide adequate training
- Some states can require HIPAA training, and failing to provide it can lead to fines being issued
- Failure to provide training can expose an organization to regulatory scrutiny and failed audits
- Employees can receive civil or criminal penalties
– Can lead to ethical violations
– Chance of loss of license
– Possible jail time