Health Insurance Portability and Accountability Act

Trust the professionals in HIPAA as our goals are to provide HIPAA training and compliance at economical cost & right the first time!

For Individual
For Company
For Patient

What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted in 1996. This act was to bring sweeping changes to the healthcare industry and was dream act of Ed Kennedy, one of the sponsors of the regulation.  Regulations were revised in 2009 with Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009. The Omnibus rule for HIPAA was announced by The U.S. Department of Health and Human Services (HHS) Office for Civil Rights on Jan 2013 with compliance date.

HIPAA’s goal is to revolutionize the healthcare industry by lowering expenses, streamlining administrative procedures and responsibilities, and protecting the privacy and security of patients’ health information. Audits by Office for the Civil Rights (OCR) of 2016-2017 are mainly focused on avoiding any breach of patients’ health information, ensuring the privacy and securing the data.

Supremus Group has served more than 3000 companies since 2006. We offer comprehensive HIPAA privacy security certification training updated for Omnibus, HITECH and meaningful use for covered entities and business associates. We offer certification training for HIPAA Privacy, Security, and compliance for all different roles. We provide HIPAA compliance templates manual for HIPAA security risk analysis, HIPAA privacy security policies procedures, HIPAA audit and contingency planning.

 

Who Needs to Comply with HIPAA?

Any organization or person who works in or with the healthcare industry or who has access to protected health information.

This includes:

  • Healthcare Providers: A health care provider is a person who’s trained and licensed to give health care. A health care provider can also be a place licensed to give health care.
  • Health Plans: is an individual or group plan that provides or pays the cost of medical care.
  • Healthcare Clearing Houses: are organizations that process health care transactions on behalf of providers and insurers.
  • Business Associates: is an individual (non-workforce member) or entity that assists in or performs a function or activity that requires the use or disclosure of PHI on behalf of a covered entity.

Sample of HIPAA Overview Training



Examples of Entities 

  • Hospitals
  • Physician offices
  • Dentist offices
  • Mental and behavioral health specialist
  • Emergency transportation services
  • Nursing homes
  • Urgent care centers
  • Long term care facilities
  • Pharmacies
  • Durable medical equipment providers
  • Medical and healthcare professionals
  • Medical students
  • Laboratories (all types that serve health care providers)
  • Employee welfare benefits plans
  • HR Benefits Staff
  • Self-Insured Employer Group Health Plans
  • Any other arrangement offering or providing health benefits to the employees of two or more employers
  • Fully Insured Employer Group Health Plans
  • Health Insurance providers
  • Issuer of Medicare supplemental policies
  • Issuer of long-term care policies
  • Vision Insurance providers
  • Dental Insurance providers
  • Prescription Drug Insurance providers
  • Medical billing services
  • Collection agencies
  • Legal
  • Medical answering services
  • IT Service and hosting companies
  • Third party administrators
  • Software companies
  • Auditing firms
  • Marketing companies
  • Medical device companies
  • Pharmaceutical companies
  • Transcription companies
  • Medical interpreters
  • Any business that works in the healthcare industry

Additional BA due to the Omnibus rule:

  • Health information exchange organizations
  • Regional health information organizations
  • Patient safety organizations
  • E-prescribing gateways
  • Sub-contractors to direct business associates
  • Billing services
  • Repricing companies
  • Medical reviewers
  • Community health management information systems
  • Value added networks
  • TriCare (formerly CHAMPUS: The Civilian Health and Medical Program of the Uniformed Services)
  • Indian Health Service (IHS)
  • Federal Employees Health Benefit Program
  • Approved state child health plans
  • Medicaid + Choice

HIPAA for Company

HIPAA Compliance For Company

 

HIPAA compliance is the main goal for a healthcare related organization to have necessary safeguards to protect the privacy and security of Protected Health Information (PHI).  The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information.

All healthcare organizations are required to comply with three main standards under an administrative section of the regulation.

Transactions, Code Sets, and Identifiers

Defines the standards for conducting electronic data interchange (EDI) and certain web-based (direct data entry or DDE) administrative health transactions.

HIPAA Privacy: The Standards for Privacy of Individually Identifiable Health Information

A major goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high-quality health care and to protect the public’s health and well-being.

HIPAA Security Rule:  

requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information that is created, received, used, or maintained by a covered entity.

Our following steps and solutions will help companies to understand all the requirements of privacy and security rule so electronic data is protected while it is stored or transmitted due to the safeguards in place to comply with HIPAA.

 

What are steps and solution to become HIPAA compliant Company?

There are 4 steps to achieve HIPAA compliance for a company:

There are 4 main steps to HIPAA compliance for an organization:

STEP 1: TRAINING

  • Comprehensive training for privacy security compliance officer (this is a requirement under the regulation. This person is responsible for ensuring you are HIPAA compliant)
  • Provide HIPAA Awareness Training on HIPAA privacy and security training for all employees with access to PHI.

What solutions you can use to achieve Compliance

IMPLEMENTATION PHASE 1: TRAINING

Awareness Training (1 hour): is handled through our employee training for a company which allows you to offer training to your employees as a self-paced online training which they can take at their own pace and convenience. Students listen to the audio, view slides and can take the course multiple times before taking the test. After students pass the test, the student can download PDF for course completion certificate with a validity of 2-year for compliance record keeping in case you are audited.

Each employee receives PDF for their own HIPAA certificate immediately upon successful completion of the training.

Compliance Officer Training (24 hours duration): This is comprehensive training for employee/owner who is designated as a compliance officer. This person is responsible for ensuring that the company is HIPAA compliant.  After the training officer shall have a better understanding and will be able to oversee all ongoing activities related to the development, implementation and maintenance of the practice/organization’s privacy security policies and standards in accordance with applicable federal and state laws.

This course is comprehensive in nature as the job role requires it. There is no short cut to this training just like if you want to be a doctor, can you take the 1-year course and become MD? Our Client list will show why we are trusted by so many companies.

STEP 2: CREATE COMPLIANCE MANUAL FOR POLICIES, FORMS, AND PROCEDURES (only compliance officer understands step 2, 3 and 4 requirements as awareness training does not address these requirements, that is why you take 24-hour long training)

  • Conduct gap analysis for privacy rule and risk analysis as per the security regulation requirements
  • Create privacy and security policies
  • Complete contingency plan as required in security rule

IMPLEMENTATION PHASE 2: COMPLIANCE MANUAL, FORMS, AND PROCEDURES

Step 2 is handled by our compliance documentation templates which include privacy security forms, policies, and procedures, risk analysis, contingency plan and audit. It is important for the compliance officer to work on these templates after completing the expert level training. It is easy to start implementation process after the training.

Step 3: Implementation of safeguards to protect PHI

  • Protect your computer network so it cannot be hacked (we will test your system like how bad guys try to break into your computer)
  • Install ransomware protection which monitors threat 24 x 7. (this is new generation protection which STOPS encryption of your network)

IMPLEMENTATION PHASE 3: TECHNICAL SAFEGUARD IMPLEMENTATION INCLUDING HACKER & RANSOMWARE PROTECTION

Step 3 is handled by conducting a vulnerability assessment of your network. In this, we will check your network for any vulnerabilities that hackers can exploit and hack your network. We will also add ransomware into all your computers so if antivirus does not catch any bad codes, then our ransomware protection will ensure that your network will not be compromised. We also offer 1 million dollar guarantee on our ransomware solution. With changing cyber security, this layer of protection is needed when anti-virus software cannot protect you.

Cost: $65 to $150 per computer per year

Best solution for Healthcare, insurance and any industry that needs to protect sensitive information and its availability (up to 2 Million Dollar Guarantee)

Step 4: Remediation and ongoing audit

  • Gap and risk found in your analysis need to be corrected so you meet the compliance requirements
  • Conduct ongoing audit to ensure you are in continuous compliance.

IMPLEMENTATION PHASE 4: REMEDIATION AND ONGOING AUDIT

Step 4 is implemented by reviewing the non-compliant areas found during phase 2 & 3 and remediating them to ensure you are in compliance. The ongoing audit will confirm that you are in continuous compliance.

If you need to discuss any of the steps required for compliance or implementation phase, fee. l free to call us or email us.

To learn more about our organizational compliance offerings, simply start by selecting a version from the “Choose Type of Your Company” boxes below. The version will depend on the type of organization you are trying to get HIPAA compliant.

Choose Type of Your Company

Why Choose Us

We are experts in HIPAA and our mission is to make HIPAA training and compliance fast, easy, and painless. We’ve done all the hard
work so you don’t have to. We hope you’ll give us a try and in return we promise exceptional training and compliance products at an
affordable price and to treat each of our customers with the utmost care and fanatical support.

  • Courses created by HIPAA Expert with practical compliance experience and security expert
  • Three different learning methods available to suit your learning needs
  • First choice of compliance officer, consultant & auditors for professional level training
  • Training offered based on job role – basic course of 1 hour to 24 hours for expert level courses
  • Online Course with Audio and PowerPoint slides for easy understanding of content
  • 700 pages printed manual available for comprehensive courses
  • 24 x 7 Access from Anywhere for online courses
  • Online courses compatible with Windows, Apple, iPad and other tablets
  • Instantly print or download Nationally Recognized Certificates
  • After passing certification test, you can use the certification logo on your resume, profile, signature etc
  • Complete compliance documentation manual kit available based on your specific needs
  • Solutions for ransomware and network vulnerability assessment
  • Option to create customized course and onsite training options available
  • Group, university and Colleges discounts available
  • Unlimited Phone and email Support

HIPAA for Individuals

HIPAA Training and Certification for Individuals

Single individual looking to acquire their HIPAA awareness training certificate should take our Individual Training by selecting one of the following categories.  Privacy and security training is combined in one course so no need to take separate courses for privacy and security. This course satisfies the awareness training requirement under HIPAA.  Use certificate of completion (download PDF after completing the course) as a proof for your employer so are allowed access to patients’ health information (PHI). Many medical students also take this course before starting as interns.

If you are an organization looking to train your employees, please go to the HIPAA for Organizations –> Employee Training section.

NEXT STEP: Select the course based on a type of organization that you work for or plan to join from the “Choose Your Version” boxes below. Feel free to call us if you are unsure about the right course for you.

Choose Your Version

 

Why Select Our Training?

  • 24 x 7 access from anywhere for self-paced online courses
  • One course for $25 to meet privacy and security awareness training requirement
  • Courses created by HIPAA Expert with practical compliance experience and security expert
  • Course updated for HITECH,Omnibus rule, meaningful use, and breach notification
  • Instantly print or download Nationally Recognized Certificates
  • Complete your course in one hour and get certification
  • Online course with audio and powerpoint slides for easy understanding of training
  • American Disability Act (ADA) complaint course format and delivery
  • 56 pages printed color manual available for purchase
  • Online courses compatible with windows, apple, iPad and other tablets
  • Option to upgrade to Certified HIPAA privacy Associate (CHPA) credential. Spanish Version available too for CHPA.
  • Complete compliance solution available based on your specific needs
  • Group, university and Colleges discounts available
  • Unlimited Phone and email Support

Each student receives their own HIPAA certificate online immediately upon successful completion of the training in PDF format which can be printed, emailed  or saved for future use.

certified-hipaa-privacy-associate

HIPAA for Patients

Resources and Free Training for Patients

As a patient, you have rights under HIPAA, how your information may be used or shared, how companies are required to protect it, and how to file a complaint if you think your rights were violated.

The goals of our training are to ensure that as a patient you understand what does notice of privacy mean to you, who can have access to your information without your permission, what to before you file for any compliant, and avoid any false complaint.

Free HIPAA Resources for Patient

Individuals’ Right under HIPAA

Individuals-Right-under-HIPAA-May2016

Our Clients

Other Trainings and Services

Access the training on your Windows PCs, Apple Macs, iPads, iPhones, Android Tablets, Android Phones,and more

Complete your training online on any device, anywhere, anytime 24 x 7.

AUTHORIZED TRAINING PARTNER FOR HIPAA CERTIFICATION TRAINING

HIPAA CERTIFICATION TRAINING Resell our HIPAA Certification courses to your clients. Bundle
or products with your services and make your clients happy. Email Bob@Supremusgroup.com for more details.

More Details