Which course should I take to meet the HIPAA Training requirement?

If you are a HIPAA Privacy Security compliance officer or part of the core compliance team then consider a comprehensive level CHPSE course. If you are an employee who has access to PHI but is NOT responsible for HIPAA compliance then takes the one-hour employee training ($25). Use our flowchart to decide on the right level of course for you.

First, you need to decide which category you fall into. We have 8 categories:

1. Healthcare Provider– Any single individual who works for an organization that provides preventive, curative, promotional, or rehabilitative health care services in a systematic way to patients, people, families, or communities.

Examples of Healthcare Provider is Hospitals, Private Clinics, Doctors, podiatrist, Physicians, Neurosurgeons, Ophthalmologist, Nurses, psychologist, Medical Schools, Plastic Surgeon, Medical Students, Orthopedist, Pediatrician, Medical Office Staff, clinical optometrist, Pharmacies, Dentists, Nurse practitioner, Chiropractors, Allergist, Anesthesiologist, Physical Therapists, ENT Specialist, Massage Therapists, Dermatologist, Radiologists, nurse-midwife, Cardiologists, Hospice, Gastroenterologist, Nursing Homes, Gynecologist, General Psychiatrist, Home Health, Gynecologist, Durable Medical Equipment providers, clinical social worker, Audiologist, Gastroenterologist, Psychiatrists, Rheumatologist, etc.

2. Mental Health Provider – Any single individual who works or will work in the future for an organization involved in the direct medical treatment of patients involving mental health.

Examples of mental health providers are Psychologists, Mental health counselors, psychiatrists, Addiction counselors, Psychoanalysts, Clinical social workers, Psychiatric Nurses, Behavioral services, Psychotherapists, Mental health programs, Family and marriage counselors, Religious Counselors, Art Therapist, Psychiatric Pharmacists, etc.

3. Business Associate– Any single individual who works or will work in the future for a company that offers services or products to health care entities, health plans, health insurance providers, or other business associates and will have access to protected health information (PHI).

Examples of business associates are Medical couriers, Medical Billing, Business processing outsourcing (BPO) providers, Document/record storage, Medical transcription services, Insurance brokers (take a course designed for insurance brokers), Document disposal (shredding) companies, Answering services, CPAs, Third-party administrator (TPA), Software companies, Patient safety or accreditation organizations, Pharmaceutical representatives, e-prescribing gateways and other HIOs, Medical device manufacturers, Pharmacy benefit managers, Collection Agencies, Attorneys, Health information exchanges (HIEs), Actuaries, Marketing services, Cleaning services, Asset Recyclers, Researchers (if performing HIPAA functions for a covered entity), Accounting services firm, Auditors, Healthcare Consultants, Financial institutions (if engaging in accounts receivable or other functions extending beyond payment processing), Cloud vendors, etc

4. Insurance Brokers and Agents– Any single individual who works for an organization that provides health insurance brokerage or administration services for employer group health plans.

Examples of Insurance Brokers and Agents are Insurance Brokers, Insurance Agents, Benefits Management Services, Third Party Administrators.

5. Employer and Group Health Plans– Any single individual who works in the HR benefits staff for an organization involved in sponsoring and managing group health plan benefits for its employees

Examples of Employer group health plans are HR benefits staff for employers who sponsor group health plans (self-insured and fully insured) for their employees such as medical health plans, dental, vision, flexible spending accounts, etc.

6. Call Center Organization – The call center is a centralized office used for receiving or transmitting a large volume of requests by telephone or chat.

Examples of healthcare-related call centers are Billing, Collection, Patient Communication, Medical insurance, Dental insurance, Vision insurance, Medical answering services.

7. Research Organization – For HIPAA purposes “Research” is defined as any systematic investigation (including research development, testing, and evaluation) that has as its primary purpose the development of, or contribution to, generalizable knowledge. This is intended to cover human subject research involving IIHI, not research on data that have been de-identified in accordance with 45 CFR 164.502(d), and 164.514(a)-(c).

Examples: A university that conducts human subject research projects, an independent research organization, medical schools, Laboratories doing research, pharmaceutical companies, and others.

8. Law Enforcement and Public Safety Professional is a government employee who is a sworn officer of the city or county or state who acts in an organized manner to enforce the law by preventing, investigating, apprehension, discovering, deterring, rehabilitating, or punishing people who violate the rules and norms governing that society.

Examples are Government employees & contractors working in the Fire Department, Law Enforcement, Emergency medical technicians, Public health officials, Hazardous materials professionals, Public safety communications representatives, Public Works officials, Emergency managers, Justice & Court employees, Department of Corrections, FEMA, FBI, U.S. Marshals, and others.

Once you have decided on which category you fall in next step is to select the right level of the course.


Other Related Questions

Do we need any additional training if we have headquartered in Texas or have locations in Texas or work with health care providers in Texas?

Do I need to take the one-hour HIPAA employee course, Certified HIPAA Privacy Associate (CHPA) training course, or both?

I am a medical student. Do I need to take the One Hour HIPAA Employee Training course, CHPA course, or both?