HIPAA Compliance

If you are just starting your career in the health care field, HIPAA Compliance training is a priceless addition to your resume. This course provides an understanding of the compliance requirements of HIPAA, and subsequent rules and laws that affect HIPAA.

6 Weeks / 24 Course Hrs
Currently Enrolling
Offered in partnership with your preferred school


Change School
Learning method

Course code: hip

Are you a health care professional or considering a career in the health care industry, or do you provide services to a health care organization? If the answer to any of these questions is yes, then it is mandatory that you understand the compliance requirements of HIPAA, and subsequent rules and laws that affect HIPAA. These laws require all health care professionals to take careful steps to protect sensitive health information. In this course you will examine the compliance process. You will focus specifically on the Administrative Simplification portion of HIPAA. This course will give real world examples to explain the Privacy rule. You will examine what is meant by covered entities, business associates, and many other relationships within the health care industry impacted by HIPAA. You will understand how computers fit into the Security Rule and examine many types of safeguards, which are crucial components of the Security Rule. You will also learn about the Office for Civil Rights, HIPAA's watchdog organization.

By the time you finish this course, you will be confident and capable of implementing HIPAA's Administrative Simplification rules, and the laws impacting it, in your own organization. If you are just starting your career in the health care field, you will have a priceless addition to your resume.

What you will learn

  • Learn about the Administrative Simplification portion of HIPAA
  • Learn about transactions, code sets, and identifiers, which are all key elements in the HIPAA-mandated electronic health care transmissions
  • Discover the Privacy Rule, which governs patient rights and disclosure of protected health information
  • Learn how computers fit into the Security Rule
  • Learn about administrative safeguards, physical safeguards, technical safeguards, and policy and procedure creation
  • Learn about the civil and criminal penalties for non-compliance

How you will benefit

  • Understand and comply with the requirements of HIPAA
  • Know how to best protect patient confidentiality
  • Gain a priceless addition to your healthcare resume

How the course is taught

  • Instructor-led or self-paced online course
  • 6 Weeks or 3 Months access
  • 24 course hours

The first lesson will lay out the foundation of HIPAA so that you'll understand the motivation behind the law. It will focus specifically on the Administrative Simplification portion of HIPAA and give you a good idea of its goals. As with any law, noncompliance comes at a price, so you'll also take a look at the penalties involved for anyone who ignores HIPAA's requirements.

Are you interested in working in a medical or dental office, an insurance company, or a government agency like the Centers for Medicare and Medicaid Services or the Department of Health and Human Services? All of these organizations are subject to HIPAA, and all of them have to work together. In this lesson, you'll learn which groups must comply with HIPAA's rules and standards as they gather and transmit health-related information. By the time you're done with this lesson, you'll know the difference between a covered entity, a business associate, and a trading partner.

It's time to put your newfound lingo to use. The overriding goal of HIPAA is to protect personal health information. In this lesson, you'll identify the 12 types of electronic transactions that HIPAA covers. You'll also take a peek at the code sets and identifiers used in these transactions. Transactions, code sets, and identifiers are key to your understanding of HIPAA, and this lesson will put those pieces of the puzzle together.

What happens if you or your employer violates the Privacy Rule? Could a court fine you or even send you to jail? What if the privacy breach was unintentional, and you tried to fix it as soon as you found out? Would that have any effect on your punishment? In this lesson, you'll answer these questions and many others as you delve into the administrative requirements of the Privacy Rule. You'll find out about civil and criminal penalties for noncompliance and wrongful disclosure of protected health information.

Now that you understand the Privacy Rule, you'll take the next step and delve into the requirements for using and disclosing protected health information (PHI). HIPAA has two types of disclosures: required and permitted. At the end of this lesson, you'll understand the difference between the two. Another concept that figures heavily into the entire HIPAA picture is minimum necessary. You'll see how this concept fits neatly into the issue of PHI disclosures.

Under HIPAA, patients have seven fundamental privacy rights. You'll examine those rights in this lesson and find out what procedures HIPAA requires to ensure that patients can access their own medical information and control how others disclose that information. You'll also see how state laws can expand on HIPAA's provisions.

The Security Rule is the companion to HIPAA's Privacy Rule. In this lesson, you'll turn your attention to the concept of information security. Security has its own key terms, and you'll spend some time on them so that you'll be familiar with their meanings. If you don't know the difference between a hacker and a spoofer, you will by the time this lesson is done! The lesson will also address the various threats that can exist when you electronically handle and transmit protected health information.

How common are security breaches in the real world, and what effects can they have? As you continue to investigate HIPAA's Security Rule, you'll explore its fundamental approach to addressing security. You'll examine the philosophy and principles behind the Security Rule, then go over the standards for implementation and learn which ones are required and which are simply addressable. You'll also examine the frequency and costs of some real-life security breaches, which will help you understand why effective security practices matter so much.

The Security Rule covers three major areas: administrative safeguards, physical safeguards, and technical safeguards. By the end of this lesson, you'll understand what administrative safeguards are and how they could affect you at your job.

Continuing the journey into HIPAA's Security Rule, in this lesson, you'll examine the philosophy and principles behind the Security Rule. You'll go over the standards for implementation and learn which ones are required and which are simply addressable. You'll also take a look at some real-life security breaches, which should emphasize the need for good security practices.

The previous lessons emphasized how important it is for your organization to comply with HIPAA, but what if one of your business associates fails to comply and leaves your patients' data exposed? In recent years, the federal government has tightened up rules related to business associates and security breaches. In this lesson, you'll explore the rules and laws about compliance and business associates. By the time you're done, you'll understand the basics of a business associate agreement.

When it's time to begin creating your own policies and procedures to implement HIPAA, it helps to have a framework to follow. That's what this lesson will give you: a description of the most common frameworks available so that you can choose the one that best suits your organization. You'll also look at some healthcare trends so that you'll have an idea of what the future holds for HIPAA.

Carline Dalgleish

Carline Dalgleish has worked in medical office administration for over 30 years. She holds a bachelor's degree in Business Information Systems, a master's degree in Leadership, and a post-baccalaureate certificate in Health Information Management. She is a Registered Health Information Administrator and an AHIMA Approved ICD-10-CM/PCS Trainer. Dalgleish is the author of an ICD-10 coding system and also owns her own consulting firm, AnnGrant Educational Services.

Instructor Interaction: The instructor looks forward to interacting with learners in the online moderated discussion area to share their expertise and answer any questions you may have on the course content.


There are no prerequisites to take this course.


Hardware Requirements:

  • This course can be taken on either a PC, Mac, or Chromebook.

Software Requirements:

  • PC: Windows 8 or later.
  • Mac: macOS 10.6 or later.
  • Browser: The latest version of Google Chrome or Mozilla Firefox are preferred. Microsoft Edge and Safari are also compatible.
  • Adobe Acrobat Reader.
  • Software must be installed and fully operational before the course begins.


  • Email capabilities and access to a personal email account.

Instructional Material Requirements:

The instructional materials required for this course are included in enrollment and will be available online.

Instructor-Led: A new session of each course begins each month. Please refer to the session start dates for scheduling.​

Self-Paced: Your course begins immediately after you enroll.​

Instructor-Led: Once a course session starts, two lessons will be released each week for the 6 week duration of your course. You will have access to all previously released lessons until the course ends. You will interact with the instructor through the online discussion area. There are no live sessions or online meetings with the instructor.

Self-Paced: You have 3 months of access to the course. After enrolling, you can learn and complete the course at your own pace, within the allotted access period. You will have the opportunity to interact with other students in the online discussion area.

Instructor-Led: The interactive discussion area for each lesson automatically closes two weeks after each lesson is released, so you're encouraged to complete each lesson within two weeks of its release. However, you will have access to all lessons from the time they are released until the course ends.​

Self-Paced: There is no time limit to complete each lesson, other than completing all lessons within the allotted access period. Discussion areas for each lesson are open for the entire duration of the course.

Instructor-Led: Students enrolled in a six-week online class benefit from a one-time, 10-day extension for each course. No further extensions can be provided beyond these 10 days.​

Self-Paced: Because this course is self-paced, no extensions will be granted after the start of your enrollment.