40% OFF Sale through January 23: COVID Clinical Best Practices. Use "CLINICAL40" coupon code in your shopping cart.
Behavioral health professionals face annual HIPAA training requirements as mandated by federal regulation.

Not only is HIPAA training essential for your employees and staff to function, it also fulfills a significant requirement outlined by the Department of Health and Human Services (HHS) Office for Civil Rights (OCR).

According to the law, employees need to be trained annually on the following items:

  • HIPAA 101 Training: Employees must undergo HIPAA 101 Training to ensure that they’re fully aware of the security and privacy obligations they must maintain under the law. HIPAA 101 Training cannot be fulfilled by continuing education credits and must be attended by all staff members.
  • HIPAA Policies and Procedures: Once your behavioral health organization has implemented effective policies and procedures that address the full extent of the HIPAA regulatory standards, you must ensure that employees are trained on them. Each employee must read these policies and procedures so that they understand how to properly handle and maintain protected health information (PHI) to keep your practice safe.

Documented Attestation

After your staff has undergone HIPAA training, you must also ensure that you have documentation.

All employees must attest that they’ve performed the required training. Additionally, employees must document that they have read and understood the HIPAA Policies and Procedures in your organization that they have received training on. This documentation must include the date and time that they signed off on this training in order to protect your organization from liability in the event of a data breach or HIPAA violation.

Documentation must be retained by your office and made accessible to auditors or federal investigators in the event of an OCR investigation.

HIPAA Resources

Compliancy Group gives behavioral health professionals confidence in their HIPAA compliance with The Guard™. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance.

Compliancy Group’s team of expert Compliance Coaches™ field questions and guide users through the implementation process, taking the stress out of managing compliance. The Guard is built to address the full extent of HIPAA regulation, including fully automated documentation of policies, procedures, employee training, and remediation plans. The Guard includes policies and procedures that are uniquely tailored to the needs of your organization so you’ll never have to worry about the headaches that come with generic policy binders again.

With The Guard, behavioral health professionals can focus on running their practice while keeping their patients’ data protected and secure.

For more information about what you can do to protect your behavioral health practice, see these upcoming HIPAA educational webinars.

Find out more about how Compliancy Group and the HIPAA Seal of Compliance can help simplify your HIPAA compliance today!


Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.