HIPAA Compliance Training is one of the most important topics your organization must address to comply with the HIPAA Privacy Rule. If you handle protected health information (PHI), you must develop and maintain a HIPAA Compliance Plan, which consists of HIPAA policies and procedures and HIPAA compliance training. HIPAA Associates provides you with experienced HIPAA Compliance Consulting and HIPAA online training. Our consulting staff have years of experience with large and small organizations. Our HIPAA training has been recognized as the “Best HIPAA Team Training” program available. We will be able to answer the key question, “What is HIPAA?”

HIPAA Compliance Training

HIPAA Compliance Certified

Our healthcare professionals are certified by two of the most recognized associations in healthcare compliance: the Health Care Compliance Association and the American Health Information Management Association. They have extensive experience with the HIPAA requirements from their work in the healthcare industry. They have the legal experience to know the intricacies of HIPAA Compliance inside and out and the practical experience to understand how it affects patients and healthcare professionals. We are the HIPAA experts healthcare professionals seek for their HIPAA compliance plans, training and breach reporting. We can simplify your work with our online training program.

Do You Need to Comply with HIPAA?

If you work with or have access to protected health information, you need to comply with HIPAA and you should obtain the appropriate training on the HIPAA Rule.

The entities that must train:

  • Healthcare Providers
  • Employer Group Health Plans
  • Health Insurance Companies
  • Healthcare Clearing Houses
  • Business Associates (work with the above)

Healthcare Providers

  • Hospitals
  • Medical offices
  • Durable medical equipment providers
  • Dental offices
  • Nursing homes
  • Urgent care centers
  • Pharmacists
  • Mental and behavioral health professionals
  • Medical students

HIPAA Training Courses

Our HIPAA courses & who they benefit

Compliance Training is perfect for all healthcare professionals who must have working knowledge of the HIPAA Privacy Rule and use protected health information. It will describe the HIPAA Regulations and explain why they are important.

Doctors, nurses, clinics, hospital personnel, nursing homes, mental health professionals, pharmacies, hospice, durable medical equipment, volunteers, medical students

Compliance Training

Health Information Management is ideal for all personnel involved in the management and protection of digital and traditional medical information. It will give the individual a solid background of HIPAA as it affects HIM.

Medical record personnel, EMR personnel, medical record storage

Health Information Management

IT Security prepares IT professionals with working knowledge of the HIPAA Privacy and Security Rules. This will give them a good background to participate in the protection of electronic protected health information.

EMR personnel, IT professionals

IT Security Training

Business Associates is for companies and professionals who must work with protected health information on behalf of a covered entity. This is essential knowledge for business associates’ compliance with the HIPAA Privacy Rule.

Medical billing, collection agencies, attorneys, consultants, medical couriers, software companies, answering services

Business Associates Training

The HIPAA for Information Technology Business Associates training program was created especially for all Healthcare Information Technology professionals who work with protected health information (PHI) and act as business associates. 

EMR personnel and IT professionals who work as business associates

Business Associates – IT

Visit our HIPAA training page to learn more about our online HIPAA training programs

Created for Healthcare Professionals

  • Created by a nationally recognized expert
  • Our staff is Certified in Privacy and Compliance
  • HIPAA certificate on completing course
  • Clinical scenarios
  • Available to finish for 90 days
  • Guaranteed certificate (unlimited retakes)
  • Spanish version available
  • Certificate available in 1.5 hrs.
  • Take from your home – at your pace
  • Courses begin at $29.50
Certificate of Completion

Our HIPAA Training Programs

HIPAA Training

Our HIPAA Training is essential for any individual seeking to work with employers or organizations that handle protected health information (PHI). This HIPAA training course will certify you have completed the appropriate training as expected under HIPAA. The program is designed with multiple clinical scenarios that will prepare you for your work in health care. This HIPAA compliance training program was created by our well-known HIPAA professionals.

  • Courses available through our educational platform
  • A HIPAA training certificate is issued upon completion of the program.
  • This certificate is valid for two years
  • HIPAA updates available yearly
  • Our courses meet OCR requirements

Compliance Training

If you are a health care provider – doctor, nurse, physical therapist or pharmacist

Business Associates

Professionals who work with protected health information on behalf of a covered entity

Health Information Management

For professionals who work with medical records, release of information or manage patient records

Compliance Training Spanish

Health care providers whose primary language is Spanish 

IT Security

If you work with or manage electronic protected health information

Information Technology Business Associates

This course is made specifically for information technology professionals who act as business associates

Train Your Team

HIPAA Group Training

HIPAA Associates has been recognized as best in “Team Training” for two years. Our training programs for organizations have been used effectively to train small, medium and large health care organizations. Any company that handles protected health information must train all of their employees to comply with HIPAA regulations. Our programs are geared to address both HIPAA Privacy and Security provisions as required by law.

We offer you the following:

  • Provide a HIPAA training program for all of your employees using clinical and administrative scenarios that make these concepts easy to understand.
  • Assist you in implementing a process to continuously monitor the training of all of your staff. We provide regular updates through our HIPAA ABCs.
  • Train your privacy or compliance officer to ensure they are familiar with all regulations to supervise HIPAA compliance at your institution.
  • HIPAA Compliance Plans

State Laws

Covered entities and business associates must comply with the HIPAA Rules, which are federal regulations. HIPAA Associates has created courses to address the HIPAA Rules based on the function of healthcare providers.

Many states have privacy laws that affect patient privacy. Our courses do not cover each individual state, but you may consult with our professionals to review applicable laws from your state.

The OCR and HIPAA Certification

We observe the Office for Civil Rights (OCR) guidance as it pertains to HIPAA Certification. We will provide a Certificate of Completion for those who complete a training course. It is important to note that the OCR does not endorse any private consultants’ or education providers’ claims and does not certify any persons or products as “HIPAA compliant.”

Our Promise to You. We will assist your organization to follow the OCR requirements, which expect that each member of the workforce will review and understand privacy policies. HIPAA Associates will provide training through video presentations or interactive software programs. We are prepared to certify your organization has completed the necessary training in HIPAA, which is consistent with the requirements of the OCR. Our staff is prepared to assist you with these requirements through our programs and our personal service.

HIPAA Compliance Consulting

HIPAA Associates has been in the business of HIPAA Compliance Consulting since the Privacy Rule went into effect. To assist you with HIPAA Compliance, we are prepared to help you create your HIPAA Compliance Plans and your HIPAA Policies & Procedures. In addition, we can help train your entire staff. Through our HIPAA Consulting Services, we have assisted many large organizations with HIPAA and are prepared to help your organization.

HIPAA Breach Reporting

Do you have a breach to report? We can help you do it the right way. Get help from the experts in the field. We have assisted many organizations with HIPAA Breach Reporting to the Office for Civil Rights (OCR) for over 18 years. Our experts are familiar with the requirements necessary to perform a full Breach Report. We also offer you a free Breach Report Toolkit to get started. We can help you and your organization. Contact us today.


HIPAA Compliance Consulting & HIPAA Compliance Plans

Do you have a HIPAA compliance plan with policies and procedures? If you do, have you recently reviewed your HIPAA compliance plans, policies and procedures? When you engage HIPAA Associates for HIPAA Compliance services, we will review and revise your plan to assure compliance with HIPAA Rules and best practices. If you don’t have a HIPAA compliance plan, we will draft a plan with policies and procedures that offers complete coverage of the privacy, security and HITECH requirements. Please review our HIPAA Compliance Plan to get started.

Why Choose HIPAA Associates

  • Pioneers in the Field of HIPAA – We have assisted in the creation of HIPAA programs since 2002. Mary Lopez has nineteen years’ experience providing HIPAA guidance and practical solutions. Al Lopez has 12 years of experience with consulting and HIPAA training. We helped create the first HIPAA program at a large multi-hospital institution and since then have helped manage programs for multiple physician organizations and other hospital systems. Today we provide services to hospitals, clinics, providers, and public health departments.
  • We are professionals with a background in nursing, medicine, and compliance. We are certified by the Health Care Compliance Association and The American Health Information Management Association, the most recognized healthcare compliance associations in the country.
  • Training from the Best – Our training has been successfully used in many settings and is easy to follow and understand. We have created our courses to benefit all staff in your organization. Our programs cover all personnel in your organization based on their role in the entity.
  • Affordable – Our HIPAA training videos are affordable and come with personalized support. We make ourselves individually available to all organizations or individuals who elect to use our services.
  • HIPAA Associates uses its unique blend of knowledge and experience to provide accessible HIPAA training and consulting services to all who must comply with the HIPAA Privacy Rule.
  • Our mission is to make HIPAA training and compliance painless and understandable.

What is HIPAA

Many health providers will ask, “What is HIPAA?” In a nutshell, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that created national standards to protect sensitive patient health information from disclosure without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. The HIPAA Security Rule protects electronic protected health information. This information is the basis for HIPAA Compliance.

HIPAA Privacy Rule

The Privacy Rule addresses the use and disclosure of individuals’ health information, also known as “protected health information,” by entities subject to the Privacy Rule. These individuals and organizations are called “covered entities,” which are individuals, organizations, or corporations that directly handle PHI and transmit any health information in electronic form.

The Privacy Rule also contains standards for individuals’ rights to understand and control how their health information is used. A major goal of the Privacy Rule is to ensure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well-being. The intention of the Privacy Rule is to permit important uses of information while protecting the privacy of people who seek care and healing. It allows patients access to PHI. New rules such as the Information Blocking rule have given new meaning to access of PHI.

Covered Entities

The following types of individuals and organizations are subject to the Privacy Rule and are considered covered entities:

  • Healthcare providers: Every healthcare provider, regardless of size of practice, who electronically transmits health information in connection with certain transactions. These transactions include claims, benefit eligibility inquiries, referral authorization requests, and other transactions for which HHS has established standards under the HIPAA Transactions Rule.
  • Health plans: Entities that provide or pay the cost of medical care. First are health plans which include health, dental, vision, and prescription drug insurers; second are health maintenance organizations (HMOs); then, Medicare, Medicaid, and Medicare supplement insurers; and finally, long-term care insurers (excluding nursing home fixed-indemnity policies). Health plans also include employer-sponsored group health plans, government- and church-sponsored health plans, and multi-employer health plans.
  • Healthcare clearinghouses: Entities that process nonstandard information they receive from another entity into a standard (i.e., standard format or data content), or vice versa. In most instances, healthcare clearinghouses will receive individually identifiable health information only when they are providing these processing services to a health plan or healthcare provider as a business associate.

Business Associates

The following types of individuals and organizations are subject to the Privacy Rule and are considered business associates:

  • Business associates: A person or organization (other than a member of a covered entity’s workforce) using or disclosing individually identifiable health information to perform or provide functions, activities, or services for a covered entity.
  • These functions, activities, or services include claims processing, medical records copy companies, lawyers, accountants, data analysis, utilization review, and billing.

Permitted Uses and Disclosures

A covered entity is permitted, but not required, to use and disclose protected health information, without an individual’s authorization, for the following purposes or situations:

  • Disclosure to the individual
  • Treatment, payment, and healthcare operations
  • Opportunity to agree or object to the disclosure of PHI

Public interest and benefit activities—The Privacy Rule permits use and disclosure of protected health information, without an individual’s authorization or permission, for the following reasons:

  • When required by law
  • Public health activities
  • Victims of abuse or neglect or domestic violence
  • Health oversight activities
  • Judicial and administrative proceedings
  • Law enforcement
  • Functions concerning deceased persons
  • Cadaveric organ, eye, or tissue donation
  • Research, under certain conditions
  • To prevent or lessen a serious threat to health or safety
  • Essential government functions
  • Workers’ compensation

HIPAA Security Rule

In February of 2003 HHS published a final Security Rule. This Rule sets national standards for protecting the confidentiality, integrity, and availability of electronic protected health information. Compliance with the Security Rule was required as of April 20, 2005 (April 20, 2006 for small health plans).

While the HIPAA Privacy Rule safeguards protected health information (PHI), the Security Rule protects all individually identifiable health information a covered entity creates, receives, maintains, or transmits in electronic form. This information is called “electronic protected health information” (e-PHI). The Security Rule does not apply to PHI transmitted orally or in writing.

The Enforcement Rule provides standards for the enforcement of all the Administrative Simplification Rules.

HHS enacted a Final Omnibus Rule that implements a number of provisions of the HITECH Act to strengthen the privacy and security protections for health information established under HIPAA, finalizing the Breach Notification Rule.

Safeguards to Protect PHI

Individually identifiable health information should be protected with reasonable administrative, technical, and physical safeguards to ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use, or disclosure.

The HIPAA Privacy Rule requires covered entities to implement appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information (PHI).

It is important for all organizations that handle PHI to prepare by performing a Risk Analysis to determine the risks to Protected Health Information (PHI) in their organization. In many situations, an organization may start by performing a HIPAA Gap Analysis. By doing so, they can prepare to address any vulnerabilities. The Security Rule provides guidance in this matter and should be addressed by all interested Privacy Officers.

To comply with the HIPAA Security Rule, all covered entities must do the following:

  • Ensure the confidentiality, integrity, and availability of all electronic protected health information
  • Detect and safeguard against anticipated threats to the security of the information
  • Protect against anticipated impermissible uses or disclosures
  • Certify compliance by their workforce

The Privacy Rule’s safeguards standard assures the privacy of PHI by requiring covered entities to reasonably safeguard PHI from any intentional or unintentional use or disclosure in violation of the Privacy Rule. The safeguards requirement establishes protections for PHI in all forms: paper, electronic, and oral. Safeguards include such actions and practices as securing locations and equipment; implementing technical solutions to mitigate risks; and workforce training.

OCR & HIPAA Compliance

The HHS Office for Civil Rights enforces HIPAA rules, and all complaints should be reported to that office. HIPAA violations may result in civil monetary or criminal penalties. In other words, the OCR is responsible for HIPAA Compliance.

HIPAA Resources

What is HIPAA? Learn more about this at our HIPAA Resources page available to all covered entities and business associates. You will get valuable information about HIPAA Privacy and Security by following the link.

Through our HIPAA ABCs newsletters we provide additional free online HIPAA training to our colleagues. These newsletters will keep you informed of any new ideas or regulations related to the HIPAA Privacy Rule.

Visit our HIPAA ABCs page & learn about HIPAA from A to Z