HIPAA Training in Illinois

HIPAA training in Illinois is offered to healthcare professionals, administration, and staff members who handle health information and patient medical records. Doctors and nurses are among the professionals who are required by law to undergo HIPAA training. The training program is typically one to four hours in length, and can be issued on the job or offsite. Most employers offer online training options to accommodate the busy schedules of their employees. The HIPAA law was approved in the mid-1990s and requires anyone who deals with patient information to understand the privacy and security that is attached to handling this sensitive information.

Narrow your search:

Robert Morris University

Bachelor
Allied Health
Chicago, Aurora

HIPAA Privacy

Medical practicioners have important responsibilities regarding the care of their patients' health. But they also have a government-mandated responsibility to safeguard their patient's personal health information. This guide will give a brief summary of the HIPAA Privacy rule protects patient information.

The Privacy Rule protects the use and sharing of "individually identifiable health information." This type of information includes the patient's:

Name
Address
Date of Birth
Social Security Number (SSN)
Physical or mental health condition in the past, present, or future
Provision for health care
"Past, present, or future payment for provision of health care"

Covered entities, or those groups compelled to comply with HIPAA laws, are required to obtain the patient's written consent for the disclosure of any protected information that is not shared to facilitate "treatment, payment, or health care operations." There are no restrictions on de-identified health information. HIPAA privacy regulations don't restrict information that does not provide reasonable information to identify an individual. The only ways to properly de-identify information is to have a qualified statistician make a determination or remove specified information regarding the individual as well as their relatives, household members, and employers. In order for de-identification to be valid, the covered entity must have no "actual knowledge that the remaining information could be used to identify the individual."

The regulations apply to a variety of organizations.

Compliance is not just for big hospitals or health practices. Any organization that transmits patient information electronically must comply as well, including:

Health plans, such as individual and group polices that provide health, prescription, dental or vision coverage
Health care providers, such as dentist, chiropractors, and other practitioners
Clearinghouses, such as billing services, management information systems, etc

Not sure if you're considered a covered entity? Find out by visiting the Department of Health and Human Services website.

You must comply with these regulations to protect patient information and your organization.

Covered entities are required to implement privacy policies and procedures, appoint an internal privacy official, train the necessary staff, and safeguard patient data. In addition, health care providers and plans must notify patients regarding their privacy rights under HIPAA.

The good news is that HIPAA requirements are scalable, meaning that, for example, it's not necessary for a one-doctor practice to hire full-time personnel dedicated to privacy management issues. Instead, the privacy officer role might be filled by an office manager or assistant. In contrast, a large hospital might invest in a full-time staff member or assemble a privacy board to ensure the proper implementation of the law.

You can be fined for non-compliance.

The group responsible for overseeing HIPAA compliance, the Department of Health and Human Services, assesses fines based on the nature of the violation. The fines range from $100 per violation to up to $50,000 per violation. In addition, if the Department of Justice (DOJ) deems that individuals who work for the entity, such as officers, management, or staff, knowingly violated the law, criminal charges may be filed.

HIPAA training is available to guide you through compliance.

The law doesn't dictate how staff members should be trained on these regulations, which means that you could simply provide team members with a copy of the privacy policy and then document that they have reviewed them. However, the HIPAA Privacy rule is complex; you might consider investing in a qualified HIPAA training course that ensures your staff has the information it needs to properly protect patient information. HIPAA privacy compliance is an integral part of running your organization. Make sure you and your staff know what to do to safeguard patient information.