Our Most Popular Courses


HIPAA Exams has been the most trusted source in HIPAA training since 2008. We are one of the few IACET accredited providers and a certified SBA 8(a) minority-owned small business. With over 13 years of experience, HIPAA Exams provides you and your team with IACET accredited training courses that are accepted throughout the US. We can help you manage your yearly required HIPAA and OSHA trainings. In addition to the highest quality online HIPAA training, we offer many different courses including Security Awareness Cybersecurity, Diversity and Inclusion, HIPAA for Healthcare professionals and Sexual Harassment training. All of this and more is provided at affordable pricing, with unbeatable features like:

All courses come with one (1) hour of CEU credits

Full Learning Management System – including reporting, tracking, and yearly reminders

New York State Department of Health Approved Provider

Courses for Vendor Credentialing

Chat, Email, and Phone Support

API Integration – Use your company’s intranet to access HIPAA Exams’ LMS

Monthly Subscription Plans

Yearly Course Lease Options

Discounted Course Bundles


Download, Print or Email Certificates

Instantly download, print or email your training certificates upon successful completion of any online training course. Tests are instantly graded online and tests can be attempted as many times as necessary until completed successfully. No more waiting to complete your certification training! Every certificate contains a unique ID which can be traced to an individual user in case of a compliance audit. Our certificates, including our HIPAA Certificate, have no expiration dates and offer IACET CEUs.

Manage Employees & Certificates

Group administrators can add, edit, and remove employees. Our system includes a simple Reporting section that allows group admins to pull reporting for all users, including certifications, and send completion reminders.

Cloud-based and Mobile Ready

Our Learning Management System is hosted in the Cloud for ultimate flexibility. Our system can grow from supporting 100,000 users to 10,000,000 users in under a second. All our computer based courses have been developed in a SCORM compliant format and can be viewed on any PC/MAC or mobile device.


What is HIPAA Certification?

There is no such thing as HIPAA Certification for an organization or provider. There are guidelines that have been issued for Protected Health Information (PHI) by HHS and enforced by OCR under HIPAA. These guidelines make up HIPAA compliance, which organizations, providers, and Business Associates all must follow and meet. One component of HIPAA compliance is HIPAA “Certification,” more commonly referred to as HIPAA Training. HIPAA training is required for all employees of an organization who have access to PHI. HIPAA training is required within 60 days of a new employee’s start date, and then anytime changes to the law have been made. The industry standard for HIPAA training is yearly. HIPAA Exams offers one full course that covers all components of HIPAA that require training – including HIPAA Privacy and Security Rules, and the HIPAA HITECH and OMNIBUS Rules.

27 percent of individuals were unaware they had a right to an electronic copy of their medical records. Furthermore, 41 percent of Americans have never even seen their health information.

Whether these patients knew it or not, the government was protecting this information.

The Department of Health and Human Services (HHS) regulates this information. Thanks to the passage of HIPAA almost 25 years ago, Americans have a right to access their own medical records. They also have control over the dissemination of this information.

To handle this sensitive patient matter, HHS requires a HIPAA certification for these roles.

Completing a HIPAA certification course ensures you will be well-versed in these regulations. This way, you are better educated to avoid potential violations. Violating HIPAA standards can potentially result in licensing, legal, or other disciplinary action.

To find out more about the regulations and how you can become HIPAA certified, keep reading.

What Is HIPAA?

HIPAA stands for the Health Insurance Portability and Accountability Act of 1996. It is overseen and enforced by HHS.

This act sets a legal standard to protect patients' medical data, in every aspect of healthcare and the surrounding fields. For the most part, if it is personal information about your health, it is protected under HIPAA.

Information covered includes anything that medical providers have added to your medical record. It also covers conversations between yourself and your provider. Conversations they have with other providers about your medical care are covered, as well.

HIPAA also codifies your personal access to your own medical records. In addition, it restricts them from being shared with outside parties without your consent.

One important consequence of this increase in accessibility is the increase in risk. It is essential to know your rights concerning your medical records. Never grant access to this information to a non-trusted third party.

Once you release this information to a third party, your doctor can no longer guarantee the information's security.

What Does It Mean to Be HIPAA Certified?

HIPAA certification is granted to individuals who complete a compliance training course. This program is designed to educate them on the rules and regulations established under this law.

Upon successful completion of the course, they become HIPAA certified.

Technically speaking, there is no HHS-endorsed certification program. Many courses make big claims and have big price tags to match. It can be difficult to identify which program is best to educate yourself on HIPAA regulations, without breaking the bank.

Plus, maintaining compliance is an ongoing process. Be sure to carefully choose a program that stays updated on any changes in regulations.

This is especially true considering the world of medical technology is constantly updating. Annual HIPAA training is the key to staying up-to-date on any changes in policies and procedures that could affect your industry.

Unfortunately, breaches in patient information are much more common than we realize. It is critical to keep your office and your patients as secure as possible while keeping in compliance with HIPAA standards and regulations.

Who Is the Trusted Source for HIPAA Certifications?

When choosing a HIPAA course, it is essential to choose a source with years of experience and credibility. HIPAA Exams boasts IACET accreditation and 12 years of industry-leading success in tow.

Plus, the program is trusted by government sources including the USDA, the Department of Homeland Security, and the Air Force. It is also used by Brigham Young University, University of Vermont, Florida State University, and other schools.

HIPAA Exams provides a variety of courses on the topic, breaking down complexities based on the industry you work in. As the law covers such a broad umbrella of topics, there are sub courses for each specific area of focus.

There are low-cost, highly-accredited courses available for individual or bulk account pricing.

Upon completion of an online training course, tests are graded instantly. If you pass, you can immediately download and print (or email) your certification. If you do not pass, you can retake the test as many times as you need to.

Compliance certifications from HIPAA Exams do not expire, though.

Who Needs a HIPAA Certification?

HIPAA covers various personnel that may have access to patient personal and medical information. These professionals could include:

Nursing/medical assistants
Medical billers
Hospital/office administrators
Health insurance professionals
Lab professionals

Furthermore, HHS deems the organizations these professionals work under "covered entities." They are required to follow their own set of regulations, as well as to ensure the security of patient information.

These covered entities include:

Health insurance companies
Doctor's offices
Psychologist's practices
Chiropractor's offices
Nursing homes
Dentist's offices

The term "covered entities" refers to the medical offices as a whole. This includes administrative staff, who do not see patients themselves. However, they may have access to protected information.

HIPAA also covers any contractors or subcontractors affiliated with these covered entities. HHS refers to these groups as "business associates," and they still require some HIPAA certification basics.

Although technically not employees of these organizations, they could potentially access patient records.

Luckily, there are industry-specific courses available through HIPAA Exams. This way, you can be sure to focus on what you need to know for your industry of practice.

As a manager or administrator, you can go in and add, edit, or remove employees. The HIPAA Exams program allows you to go into the reporting feature and pull reports for all users.

This way, you can easily see active certifications, and send completion reminders to those that are missing.

What Should a HIPAA Checklist Include?

  • Track and trace all folders and files that contain PHI.
  • Restrict access to PHI across your organization—allow limited access. 
  • Include the HIPAA compliance rules in all policies and procedures.
  • In case of any issues, document your compliance policies and procedures to maintain a record of compliance.
  • Regularly review the data security measures in place at your organization to detect any faulty processes or loopholes.
  • Have a proper remedial plan laid out in case of any gap in compliance.
  • Ensure that all business associates and covered entities in BAAs are also in compliance with HIPAA. 
  • Prepare with a procedure and documents, just in case of a PHI data breach.
  • Maintain Compliance with HIPAA Training

What Does HIPAA Stand For?

HIPAA is the Health Insurance Portability and Accountability Act, enacted by the U.S. Congress in 1996. The purpose was to improve how healthcare entities protect sensitive patient information. Since then, new rules have been added to HIPAA to enhance the current levels of protection. HIPAA training is a required component of HIPAA compliance. All those who work within or to support the healthcare field are required to take yearly HIPAA training. To put it simply, if you perform a job and have access to Protected Health Information (PHI), including but not limited to a person’s name, phone number, address, social security number, medical records, medical treatments, etc., you are required to complete a yearly HIPAA training. HIPAA training courses are normally broken into several categories of the law, including: HIPAA Privacy Rules, HIPAA Security Rules, HIPAA HITECH and OMNIBUS Rules, HIPAA Breach Rules. Our accredited HIPAA training courses cover all the above content in one self-paced learning module. Through HIPAA Exams, you get HIPAA training that has the most important information your team needs to know along with an accredited certificate of completion. Help your organization meet HIPAA compliance by taking our HIPAA training courses.

The Importance of Using an IACET Accredited Training Provider

In a nutshell, accreditations are essential to ensuring verified information, legitimacy, and a minimum standard of excellence. Given the IACET's rigorous tests, standards of quality and review process, there is an added layer of competence associated with accreditation. It implies that the training provider in question has undergone and withstood a thorough process of examinations and scrutiny. Unaccredited training providers are notorious for providing inaccurate and false information. And it makes sense, doesn't it? Why would a company that doesn't have to undergo any screening process bother with fact-checking information? This highlights the importance of using an IACET accredited training provider.

Who Enforces HIPAA?

With all the compliance mandates surrounding HIPAA, and the fines that have taken place over the past year, it’s easy to wonder who’s finding all these violations and who’s enforcing HIPAA. The main party enforcing HIPAA is the Department of Health and Human Services' Office for Civil Rights, also known as OCR.

While they have most of the jurisdiction, the State Attorney General, Centers for Medicare and Medicaid Services (CMS), U.S. Food and Drug Administration (FDA) and the Federal Communications Commission (FCC) all have some say in HIPAA enforcement.

Frequently Asked Questions

Start by adding the courses you need to your cart. Once courses are added, return to the cart and start the checkout process. You’ll be asked to select if you’re a new or existing user. Select New User to get started.