Our Most Popular Courses


HIPAA Exams has been the most trusted source in HIPAA training since 2008. We are one of the few IACET-accredited providers and a certified SBA 8(a) minority-owned small business. With over 13 years of experience, HIPAA Exams provides you and your team with IACET-accredited training courses that are accepted throughout the US. We can help you manage your yearly required HIPAA and OSHA trainings. In addition to the highest quality online HIPAA training, we offer many different courses, including Security Awareness Cybersecurity, Diversity and Inclusion, HIPAA for Healthcare professionals and Sexual Harassment training. All of this and more is provided at affordable pricing, with unbeatable features like:

  • All courses come with one (1) hour of CEU credits
  • Full Learning Management System – including reporting, tracking, and yearly reminders
  • New York State Department of Health Approved Provider
  • Courses for Vendor Credentialing
  • Chat, Email, and Phone Support
  • API Integration – Use your company’s intranet to access HIPAA Exams’ LMS
  • Monthly Subscription Plans
  • Yearly Course Lease Options
  • Discounted Course Bundles


Download, Print or Email Certificates

Instantly download, print or email your training certificates upon successful completion of any online training course. Tests are instantly graded online and tests can be attempted as many times as necessary until completed successfully. No more waiting to complete your certification training! Every certificate contains a unique ID which can be traced to an individual user in case of a compliance audit. Our certificates, including our HIPAA Certificate, have no expiration dates and offer IACET CEUs.

Manage Employees & Documents

Group administrators can add, edit and remove employees. Our system includes a simple document management system that allows you to upload employee-specific or company-wide documents. Documents can be shared with employees or kept private.

Cloud-based and Mobile Ready

Our Learning Management System is hosted in the Cloud for ultimate flexibility. Our system can grow from supporting 100,000 users to 10,000,000 users in under a second. All our computer-based courses have been developed in a SCORM-compliant format and can be viewed on any PC/Mac or mobile device.


What is HIPAA Certification?

There is no such thing as HIPAA certification for an organization or provider. There are guidelines for protected healthcare information (PHI), and there are certifications that may include some or all of the guidelines set forth in HIPAA, as required by HHS and enforced by OCR. HIPAA Exams offers a complete training course and certification that allows your organization to stay in compliance with HIPAA-mandated guidelines, including the HIPAA Privacy Rule, HIPAA Security Rule, HIPAA HITECH and HIPAA Omnibus Rule, which is required to comply with federal regulations. HIPAA “Certification” is the process in which individuals, not organizations, complete a HIPAA training course and receive a certificate of completion (often referred to as HIPAA Certification). While sounding official, HIPAA “Certification” is not a legally binding process. HIPAA Compliance, on the other hand, is. Organizations that house Protected Health Information (PHI) must meet HIPAA Compliance. A part of HIPAA Compliance is HIPAA “Certification”, i.e. HIPAA training. HIPAA training is required within 60 days of hire and then whenever there are changes to the law; the industry standard is yearly due to the frequency of updates to the law. You may find HIPAA “Certification” or trainings that deal with parts of the HIPAA law or those that take you through all aspects of the law in one course. HIPAA Exams offers a complete HIPAA training course in one self-paced module instead of broken up into multiple costly courses. Our one course covers all aspects of HIPAA law, including the HIPAA Privacy Rule, HIPAA Security Rule, HIPAA HITECH and HIPAA Omnibus Rules.

What is HIPAA Compliance?

Per HIPAA regulation, there are two types of organizations that must meet HIPAA training compliance: Covered Entities, including group health plans, and Business Associates. In order to meet HIPAA compliance and be HIPAA compliant, both Covered Entities and Business Associates must ensure that their organizations are following the standards and guidelines. Yearly training and risk assessments are only one aspect of compliance. The HIPAA Privacy Rule requires Federal standards to protect the medical records and other protected health information of all individuals within the U.S. It applies to health plans, health care clearinghouses, and all those providers who maintain or have access to electronic health records (PHI). The HIPAA Security Rule applies the Privacy Rule to include standards to protect individuals’ electronic personal health information (PHI) that is created, received, used, or maintained by a covered entity or business associate, and sets reporting for breach notifications enforced by the Office for Civil Rights (OCR).

What Should a HIPAA Checklist Include?

  • Track and trace all folders and files that contain PHI.
  • Restrict access to PHI across your organization—allow limited access.
  • Include the HIPAA compliance rules in all policies and procedures.
  • In case of any issues, document your compliance policies and procedures to maintain a record of compliance.
  • Regularly review the data security measures in place at your organization to detect any faulty processes or loopholes.
  • Have a proper remedial plan laid out in case of any gap in compliance.
  • Ensure that all business associates and covered entities in BAAs are also in compliance with HIPAA.
  • Prepare with a procedure and documents, just in case of a PHI data breach.
  • Maintain compliance with HIPAA training.

What Does HIPAA Stand For?

HIPAA is the Health Insurance Portability and Accountability Act, enacted by the U.S. Congress in 1996. The purpose was to improve how healthcare entities protect sensitive patient information. Since then, new rules have been added to HIPAA to enhance the current levels of protection. HIPAA training is a required component of HIPAA compliance. All those who work within or support the healthcare field are required to take yearly HIPAA training. To put it simply, if you perform a job and have access to Personal Health Information (PHI), including but not limited to a person’s name, phone number, address, social security number, medical records, medical treatments, etc., you are required to complete a yearly HIPAA training. HIPAA training courses are normally broken into several categories of the law, including: HIPAA Privacy Rules, HIPAA Security Rules, HIPAA HITECH and OMNIBUS Rules, and HIPAA Breach Rules. Our accredited HIPAA training courses cover all the above content in one self-paced learning module. Through HIPAA Exams, you get HIPAA training that has the most important information your team needs to know along with an accredited certificate of completion. Help your organization meet HIPAA compliance by taking our HIPAA training courses.

The Importance of Using an IACET Accredited Training Provider

In a nutshell, accreditations are essential to ensuring verified information, legitimacy, and a minimum standard of excellence. Given the IACET's rigorous tests, standards of quality and review process, there is an added layer of competence associated with accreditation. It implies that the training provider in question has undergone and withstood a thorough process of examinations and scrutiny. Unaccredited training providers are notorious for providing inaccurate and false information. And it makes sense, doesn't it? Why would a company that doesn't have to undergo any screening process bother with fact-checking information? This highlights the importance of using an IACET-accredited training provider.

Who Enforces HIPAA?

With all the compliance mandates surrounding HIPAA, and the fines that have taken place over the past year, it’s easy to wonder who’s finding all these violations and who’s enforcing HIPAA. The main party enforcing HIPAA is the Department of Health and Human Services' Office for Civil Rights, also known as OCR.

While they have most of the jurisdiction, the State Attorney General, Centers for Medicare and Medicaid Services (CMS), U.S. Food and Drug Administration (FDA) and the Federal Communications Commission (FCC) all have some say in HIPAA enforcement.

Frequently Asked Questions

Start by adding the courses you need to your cart. Once courses are added, return to the cart and start the checkout process. You’ll be asked to select if you’re a new or existing user. Select New User to get started.