HIPAA Privacy Training

Lesson 13 | HIPAA Training

Download Lesson PDF

HIPAA Training

If you work for an organization and your role touches PHI in some way or even has the potential of touching PHI, then you should receive training specific to HIPAA and your organization’s policies and procedures.

At a minimum, HIPAA requires training in two buckets:

  1. Privacy training for employees on privacy, policies, and procedures at onboarding and with changes to organizational policies and procedures; and
  2. Security training for employees.

All training needs to be documented.

Practicing the bare minimum checks the box on HIPAA training requirements but it is unlikely to be successful at ensuring employees understand and follow privacy policies and procedures. Since following policies and procedures is an essential part of passing audits, ensuring employees comprehend privacy policies is essential. The best way to do that is to through continuous training and exposure to relevant content.

HIPAA prescribes bare minimum training requirements for privacy and security but doing the bare minimum won’t lead to following policies and procedures.