HIPAA for Healthcare Workers



Toll Free
9AM - 5PM CST (M-F)

Faculty: Becca Kalivas, RN, MS


Successful Completion: Complete entire module, complete the exam with a passing score of 80% or better, and complete the evaluation form.


Estimated Time to Complete Activity: 90 minutes.


CEUs: HIPAA Exams is authorized by IACET to offer 0.2 CEUs for this program.  CEU Information


Free Certification of Completion available instantly for download or printing upon successful completion.


This online HIPAA compliance training for healthcare workers will ensure your knowledge and understanding of the important pieces of HIPAA standards and regulations.

This 90-minute online HIPAA training course is designed to educate Health Care Workers on the full HIPAA law, including HIPAA Privacy, HIPAA Security, Enforcement of HIPAA violations, and 2022 Updates.

As a health care worker, maintaining the HIPAA privacy and security of patient information is crucial.

  • 2021/2022 Updates
  • ONC 21st Cures Act Final Rule
  • The CMS Final Rule

The course includes an interactive eLearning with a stand-alone exam.

You will receive a HIPAA "Certificate of Completion" upon successful completion.

HIPAA for Healthcare Workers FAQs 

What is the HIPAA minimum training requirement for healthcare employees? 

Just as HIPAA general training does not have specific minimum requirements, HIPAA also does not specify a minimum amount of duration for the training. The duration of appropriate training must be sufficient to cover all the material that is necessary for the employee to comprehend the HIPAA requirements.

The length of a classroom HIPAA training session will depend on the amount of material covered, the number of participants, and the volume of questions posed before, during, and after the session. 

However, our 100% online HIPAA for Health Care Workers training covers an extensive table of contents with clear learning objectives that can be completed in only 90 minutes. You will also be rewarded with a free Certification of Completion available instantly upon passing successful completion. 

How does HIPAA apply to healthcare workers? 

Both covered entities and business assoc iates are subject to the HIPAA Rules . The HIPPA Privacy Rule's main objective is to ensure that people's health information is appropriately saf eguarded while permitting the flow of information required to deliver and promote high-quality healthcare, as well as to protect the health and well-being of the public.

Only healthcare professionals who electronically transmit health information in connection with covered transactions are required to adhere to HIPAA regulations. Most providers use electronic information transmission to perform tasks including processing claims and collecting payments. As a result, HIPAA covers most healthcare providers.

Our online HIPAA compliance training for healthcare workers will ensure your knowledge and understanding of the main HIPAA rules and regulations.

What are the three main rules of HIPAA? 

HIPAA lays out three rules for protecting PHI, including:

  • The Privacy Rule.
  • The Security Rule.
  • The Breach Notification Rule.
1.) The HIPAA privacy rule

The HIPAA Privacy Rule outlines the circumstances under which a person may disclose or utilize PHI. 

The regulations set by the privacy rule address topics such as: 

  • Which organizations must follow the HIPAA standards
  • What is protected health information (PHI)
  • How organizations can share and use PHI
  • Permitted usage and disclosure of PHI
  • Patient’s rights over their health information

Healthcare entities covered by HIPAA include:

  • Health plans 
  • Health care clearinghouses 
  • Health care providers 

HIPAA also applies to business associates, who conduct healthcare transactions for covered entities. 

The privacy rule restricts the use of health information, which could identify a person. Covered entities cannot use or disclose PHI unless:

  • It’s permitted under the privacy rule
  • The individual has authorized it in writing 

The privacy rule does not restrict de-identified health information. 

2.) The HIPAA Security Rule

The HIPAA Security Rule sets out the minimum standards for ePHI. 

It covers the following concepts:

  • The organizations that may need to follow the security rule and be deemed covered entities
  • Safeguards, policies, and procedures that can be put in place to meet HIPAA compliance
  • Health care information that is under the protection of the security rule

All the covered entities must protect all ePHI that they create, receive, store, or send. They must: 

  1. Ensure the confidentiality, integrity and availability of the PHI
  2. Protect the ePHI against all threats to its security and integrity 
  3. Protect it against impermissible use or disclosure
  4. Train employees, and ensure compliance with the security rule
  5. Adapt suitable policies and procedures

To reduce the risk of a breach to ePHI, the covered entities must also conduct a risk analysis and develop a risk management strategy.

3.) The HIPAA Breach Notification Rule

The HIPAA Breach Notification Rule requires covered entities to send an alert when there is a violation of HIPAA regulations. Once a covered entity becomes aware of a breach, the alerts must be sent within 60 days from the discovery of the breach. 

Covered entities are required to alert:

  1. Affected individuals
  2. Health and Human Services (HHS)
  3. Media, if necessary

Business associates of a covered entity must inform their covered entity too. 

The HHS must be informed right away if the breach affects more than 500 people. It will be published on the HHS website and the statement must also be published on the covered entity's website.

What is a HIPAA training certificate?

The HIPAA training courses are designed to give participants a fundamental understanding of HIPAA, allowing further training on policies and procedures or security and awareness.

Certificates of HIPAA training can also show prospective employers that a job candidate is aware of the HIPAA rules and regulations, in turn, helping with the hiring process.

How often do you have to perform HIPAA training?

The frequency of required HIPAA training is determined by several criteria, including risk assessments, major changes to policies and procedures, and Office for Civil Rights (OCR) corrective action plans. In addition, it is advised that covered entities and business associates offer Privacy Rule refresher training at least once a year in addition to maintaining an ongoing security and awareness training program.

You can find answers to other questions you may have related to the HIPAA for healthcare workers requirements on the Health and Human Services (HHS) website.

How to Purchase

To enroll in this course, simply add the number of users you need below and ADD TO CART. Follow the steps for CHECKOUT which will include registering your account.


Learning Objectives

  • Describe the purpose of HIPAA legislation
  • Identify the changes implemented to HIPAA by the Omnibus Final Rule
  • Identify the key elements of the HIPAA Privacy Rule, HIPAA Security Rule, and HIPAA Enforcement Rule
  • Explain the process for Breach Notification
  • Interpret the Unique Identifiers and Transaction and Code Set Rules
  • Identify ways how to apply these rules to his/her daily practice as a health care worker

Target Audience

This course is designed for all healthcare workers who are directly involved in medical treatment of patients - including medical students, physicians, nurses, chiropractor, medical staff, hospital staff, pharmacy staff, etc.

Table of Contents

HIPAA Training for Healthcare Workers -

(HIPAA Training for Privacy, Security, and Enforcement)

Table of Contents:

  • HIPAA Training for Healthcare Workers
  • Legal Notice
  • Objectives
  • What is HIPAA?
  • What is HIPAA Portability?
  • What is Accountability?
  • HITECH Act and Omnibus Final Rule
  • Who Must Abide by HIPAA Rules?
  • HIPAA Covered Entity
  • Business Associates
  • Individually Identifiable Health Information
  • Business Associates
  • HIPAA Privacy Rule
  • Uses and Disclosures Under Privacy Rule
  • Permitted Uses and Disclosures Under Privacy Rule
  • Limited Data Set and De-Identifiable Health Information
  • Authorized Uses and Disclosures Under the Privacy Rule
  • "Minimum Necessary" Principal
  • Notice of Privacy Practices
  • Individual Access to Protected Health Information
  • ONC Cures Act Final Rule - 202/20221 Update
  • CMS Final Rule - 2021/2022 Update
  • More Individual Rights Under the Privacy Rule
  • Admin. Requirements for Privacy Rule Compliance
  • Personal Representatives and Minors Under the Privacy Rule
  • State Law and the Privacy Rule
  • Privacy Rule and Genetic Information Nondiscrimination Act
  • Privacy Rule and Decedents
  • Privacy Rule and Student Disclosures
  • Privacy Rule and Fundraising
  • HIPAA Security Rule
  • What Security Measures Must be Used?
  • Administrative Safeguards
  • Physical Safeguards
  • Technical Safeguards
  • Privacy and Security for Mobile Devices
  • Transaction and Code Set Standards
  • Unique Identifiers Rule
  • HIPAA Violations
  • HIPAA Enforcement Rule
  • Enforcement Rule and Civil Money Penalties
  • Defenses and Waivers for CMP
  • HIPAA Breach Notification Rule
  • Breach Notification and Risk Assessment
  • Breach Notification Rule - Exceptions
  • Breach Notification Rule and Unsecured PHI
  • Breach Notification Requirements - Individuals
  • Breach Notification Requirements - Media
  • Breach Notification Requirements - Secretary
  • Breach Notification by a BA
  • Burden of Proof for Breach Notification
  • Recent Updates to HIPAA - Opioid Crisis
  • Recent Updates to HIPAA - Cloud Computing
  • HIPAA Compliance Checklist
  • End of Course Exam
  • HIPAA Certification


Download Certificate of Completion Immediately

3 Attempts to Pass Your Exam

Instant Access: 100% Online - Access 24/7 from Anywhere

No Recurring Fees

HIPAA for Health Care Workers

What People Are Saying

"Thank you very much! You guys are the BEST. Such great customer service!" Marlene Schmidt - Medical Assisting Lab Coordinator, Bryant & Stratton College

"I'd like to include it in our upcoming newsletter. We need to make sure everyone is aware of what we are offering and the company behind the offering-thanks SO much!" Kathy H. Wood, Ph.D., FHFMA | University Dean, CTU

Banner Image

Train Anywhere, Anytime

Courses can be accessed from any internet device at anytime.