FREQUENTLY ASKED QUESTIONS.
Have a question about our programs? We've compiled many of the most commonly asked questions about our programs below. If you don't see your question, please Contact Us.
The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that is primarily known for the provisions pertaining to patient medical records privacy and security.
Healthcare providers, plans, and organizations must comply with HIPAA if they perform certain insurance related transaction electronically.
Additionally, any organization that handles protected health information as a contractor for a healthcare provider or plan will also be required to comply with HIPAA pursuant to a Business Associate Agreement.
There are exceptions though, please see our Knowledge Base answer for a more in-depth answer
If HIPAA applies to you, you must train your employees. The regulations are very clear on that fact.
Except for independent contractors (who would need to have a Business Associate Agreement) anyone with access patient records must be trained. This includes volunteers, interns, and student. If they have access, they need to be trained, regardless if they are paid or not. This group of people are called your "workforce" in the regulations.
Through a random audit or compliance review, if the Department of Health and Human Services (HHS) discovers that your workforce is untrained, financial penalties could be assessed simply because of the lack of training.
However it is far more likely that the untrained employee is responsible for or involved in a breach or patient complaint; after all, they may not know anything about HIPAA. At that point, HHS will come in and review your office. The lack of training (or documentation of training) of that employee can greatly enhance the penalty for the breach, from the minimum $25,000 per year, up to a maximum of $1.5 million per year. The fine is greatly dependent on all of the circumstances surrounding the breach or complaint, but the lack of training will always make it worse. Training your workforce with YHT is both efficient and inexpensive. There is no reason to risk it; absolutely no reason.
Training your workforce is required by the regulations, however there are many other things you'll have to do. Luckily, our Advanced Training course covers all of these other requirements. The advanced training and our customizable sample forms, agreements, and policies give you all the tools you need.
YHT membership comes with:
- Bank of forms, including a Notice of Privacy Practices, Business Associate Agreement, Patient Authorizations, and more
- Sample office policies for you to customize to your office
- A Planbook to contain all of your policies and forms
- Checklists, internal forms, and instructions for all the different requirements
- New materials added all the time, based on your feedback; if we don't have something our members ask for, we make it
YHT provides efficient on-demand HIPAA video training for healthcare offices and business associates across the U.S. Our goal is to answer every possible HIPAA question, provide every needed sample form or policy, and give you the tools to make your office HIPAA compliant.
The only other real option, aside from hiring an attorney, is in-person trainers. They will come to your office, train your staff all at once, and leave. Trainers are expensive; you have to pay the trainer thousands AND shut down to train your team. New hires present another problem, you cannot wait 11 months to train a new employee. Ideally, they should be trained before they are given access to your patient's records. It is also difficult to know the quality of a trainer before they show up. Unless part of a larger program, they also rarely provide materials like forms and policies.
Perhaps the only real advantage to an in-person trainer is that they are available to answer question on that one or two days To mitigate this disadvantage, we have created the Knowledge Base to answer any questions you may have, whenever you have them.
Our course runs right from the browser, so any device or operating system can run our training videos. Our other materials either come in Word documents and/or PDF. Generally, just about any system capable of playing a internet video can play our course.
Not at all. You and your staff can begin training immediately after your purchase. All training modules are hosted online — no download of HIPAA software is required.
The basic training, done all at once, takes a little under an hour; including the videos and quiz. However, there is no need to do it in one sitting, each trainee can individually work through the course at their own pace.
The first place you should check is the Knowledge Base. If your question isn't answered, each Knowledge Base article has links to further information. If if still isn't answered, you may submit the question to us in the member area. While we cannot give out specific advice based on your specific circumstances, we will do our best to point you to the relevant information.
We’re glad you asked! With clients in all 50 states, CEDR HR Solutions is the #1 provider of individually customized, HR-compliant medical and dental office employee handbooks and a leading provider of on-demand HR support. Through high-quality policies, support and training, we help practices of all sizes and specialties to manage risks and avoid lawsuits, saving you money, stress, and time. CEDR’s other product offerings include risk management, Associate Doctor Agreements, Dental Hygienist Contracts/Agreements, and of course, HIPAA compliance training. Our team is composed of experts in the field of employment law, including attorneys, researchers and HR professionals.