HIPAA Training Requirements
Conducting annual HIPAA training is a key component of maintaining HIPAA compliance. However, hosting a practice-wide training day is not sufficient, mainly because if an employee is hired after your practice’s annual training day, they could go an entire year without completing their required training. Since each employee must renew their HIPAA training annually, it is best to utilize a training program that allows employees to do their training according to their specific due date.
What Are HIPAA Training Requirements?
HIPAA training should include the following components:
- HIPAA Standards: it is important for employees to have a general understanding of HIPAA. Employees should understand what constitutes protected health information (PHI), and what the proper uses and disclosures of PHI are. HIPAA requires healthcare organizations and their staff members to adhere to the minimum necessary standard when it comes to accessing and disclosing PHI. This means that PHI must only be used and disclosed for a specific purpose.
- Policies and Procedures: HIPAA requires healthcare organizations to create policies and procedures that are specific to their business practices. However, they are only effective if employees are aware of what they are. HIPAA training should provide staff members with an understanding of your practice’s administrative, physical, and technical safeguards. It is also important that employees are aware of how to report a suspected breach, and who they should report it to.
- Social Media Use: it is not permitted to disclose PHI via social media without explicit written consent from the patient. This includes responding to online reviews, patient testimonials on a website, sharing images of a patient (even if they are in the background of a photo), or sharing images with patient information in them.
- Recognizing Phishing Attempts: hackers are using phishing emails with increasing frequency to gain access to sensitive information. Phishing emails disguise hackers as a trusted entity, generally asking for access to confidential information, or prompting recipients to click on a malicious link. This allows hackers access to the employees email account, and in some cases the organization’s entire internal network.
Need assistance with HIPAA compliance? Compliancy Group can help! They help you achieve HIPAA compliance with Compliance Coaches® guiding you through the entire process. Find out more about the HIPAA Seal of Compliance® and Compliancy Group. Get HIPAA compliant today!
Your TBHI Professional Training Options
TBHI specializes in teaching you how to relax when delivering telehealth. It offers you a step-by-step learning path of online training that helps you be legally and ethically compliant, clinically proficient, and able to handle even the most difficult of clinical scenarios. Take advantage of COVID discount pricing to learn how to sit back and enjoy your telehealth experiences, rather than struggling with ZOOM fatigue and clinical uncertainty. All courses are evidence-based, available 24/7 through any device and most count toward legal and ethical requirements for licensure. Two micro certifications are also available.
- Telehealth Group Therapy — Exciting, highly interactive telehealth learning experience designed to get answers to your questions about legally and ethically managing telehealth group therapy. Digital class will allow you to connect with colleagues ahead of time to ask questions and share answers. Distinguished faculty will lead you through telehealth group therapy theory and exercises.
- Telehealth Clinical Best Practices Workshop — Live, interactive webinar, w/ 4 CME or CE hours to discuss preventing and handling complex clinical issues.
- Course Catalog
- Micro Certifications to give you a broader range of legal and ethical grounding, and allow you to distinguish yourself as a TBHI-credentialed professional on your websites, in social media, directories and other areas.
Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.