Introduction to HIPAA Workplace Training
Employees in the healthcare industry are required by the federal law known as the Health Insurance Portability and Accountability Act, or HIPAA, to protect people’s sensitive health information. Managing or handling this type of information, also known as protected health information, or PHI, is serious business, and if you aren’t compliant with HIPAA, you and your organization could face steep penalties.
What Is Included in HIPAA Law?
What is HIPAA?
So, who must comply with HIPAA? There are two main types of entities: covered entities and business associates. In short, everyone who handles and manages PHI must comply with HIPAA law.
A subcontractor is a third-party organization that is contracted by a HIPAA-covered entity or business associate to provide services or functions that involve the use or disclosure of protected health information (PHI). Subcontractors must be contractually obligated to meet the same HIPAA compliance requirements as the covered entity or business associate.
Any vendor who helps a covered entity (such as a healthcare provider or insurer) create, receive, maintain, or transmit PHI is considered a business associate. Under HIPAA and its related regulations, business associates must enter into a written agreement with the covered entity that provides assurance that the business associate will use and disclose PHI only as permitted or required by the contract or as required by law.
Healthcare providers and those who work at healthcare clearinghouses or health plans are considered covered entities. Health plans include health insurance companies and employee health plans. If an entity has healthcare as one of its many business functions, it is called a hybrid entity. With a hybrid entity, the entire organization does not have to comply with HIPAA, but the healthcare component within that organization does.
HIPAA Violation Liabilities
Let’s learn about liabilities for organizations and individuals who violate HIPAA.
Here are some myths to look out for:
- Organizations can be fined more than 1 million dollars for each violation of a HIPAA provision.
- Plus, state laws may also impose penalties.
- In certain situations employees could be fined personally or even imprisoned for violating HIPAA!
- HIPAA violations can also result in tarnished reputations for individuals and organizations.
The Importance of HIPAA Training for Covered Entities
Helping 8,000+ organizations create a safer, more inclusive company culture.
EasyLlama’s online training course helps prepare employees to navigate HIPAA. This course provides an in-depth examination of how to respond to a breach of confidential data and the best way to protect your patients. The course covers: