Overview
This HIPAA Self-Learning Awareness course is designed for anyone who creates, accesses, shares, stores, or manages PHI/ePHI in a healthcare environment, including: Clinical staff: doctors, nurses, technicians, therapists, pharmacists Front office & operations: reception, appointments, call center, patient support.
- This HIPAA Awareness course is designed for anyone who creates
- or manages PHI/ePHI in a healthcare environment
- Clinical staff: doctors
- Front office & operations: reception
- call center
- patient support
- Billing & finance: billing
- revenue cycle teams
- Medical records / HIM: records officers
- release-of-information staff
- Management & compliance: supervisors
- privacy/compliance teams
- IT & security: system admins
- EHR/EMR support
- cybersecurity staff
- Business Associates / vendors: labs
- billing partners
- IT vendors
- cloud/hosting providers
- outsourced support teams (any third party handling PHI)
- Remote/field workforce: telehealth teams
- home-care staff
- offsite clinics
- HIPAA Foundations
- What HIPAA is and why it matters
- Key terms: PHI vs ePHI
- covered entity
- business associate
- workforce member
- minimum necessaryHIPAA Core Rules
- Privacy Rule: permitted/required disclosures
- patient privacy expectations
- Security Rule: protecting ePHI (administrative
- physical
- technical safeguards)
- Breach Notification Rule: what counts as a breach and reporting basicsDaily Compliance in Real Work
- “Minimum necessary” principle in practice
- Identity verification before sharing information
- Handling phone calls
- front-desk conversations
- email/text/WhatsApp risks
- Clean desk screen privacy
- printing/faxing basicsPatient Rights
- Right to access records
- amendments
- restrictions
- confidential communication
- How to route patient requests properlyIncident Awareness
- Spotting common violations (misdirected emails
- wrong patient charts
- lost devices)
- What to do immediately: report
- contain
- document
- escalateSecurity Hygiene for Staff
- Passwords/MFA basics
- device lock
- secure networks
- Remote work and telehealth do’s/don’ts
- Phishing/social engineering awarenessBusiness Associate Handling
- When a vendor is a BA and why BAAs matter
- Sharing PHI with third parties safely (least privilege
- approved tools)
Policies
Training Options
Corporate Training
We work with customers to provide tailor made training solutions, onsite and off site delivery with customized content to cover areas of key importance. Please contact for private batches or any other requirements.