Course Content
Introduction to HIPAA
This module introduces you to HIPAA and explains why it was created. You'll learn key terms that will be used throughout the course, such as PHI, Covered Entities, and Business Associates. All of these are foundational to understanding your role in compliance.
The Privacy Rule
Here, you'll explore the HIPAA Privacy Rule and how it governs the use and sharing of patient information. You’ll understand what rights patients have over their health data and what situations allow or require disclosure.
The Security Rule
This module focuses on protecting electronic protected health information (ePHI). You'll learn how to secure data using administrative, physical, and technical safeguards — and how to assess and reduce risks in your workplace.
Breaches and Enforcement
In this section, you'll learn what counts as a HIPAA breach, how and when to report it, and what legal consequences can follow. Real-world examples will help you recognize and prevent violations before they happen.
Workplace Compliance
The final module brings everything together. You’ll get practical tips for maintaining HIPAA compliance in daily operations — from patient check-ins to emails and documentation.
HIPAA Essentials: Safeguarding Patient Privacy in Healthcare

Violating HIPAA can come with serious penalties — both civil and criminal.


Civil Penalties (Per Violation, 2024 Ranges):

  • Tier 1 (Unaware, would not have known): $137–$63,973

  • Tier 2 (Reasonable cause, not willful): $1,379–$63,973

  • Tier 3 (Willful neglect, corrected): $13,785–$63,973

  • Tier 4 (Willful neglect, not corrected): $68,928–$2,000,000+


Criminal Penalties:

  • Up to $50,000 and 1 year in prison for knowingly obtaining PHI

  • Up to $250,000 and 10 years in prison for malicious intent (e.g., selling PHI)


Real-World Case Study:

A hospital employee accessed the records of over 1,000 patients without permission. The employee was fired, the hospital was fined $2.15 million, and the incident led to a major public relations crisis.

Lesson: Just because you can access records doesn’t mean you should. Every access must have a legitimate purpose.


📝 Case Study: Analyze a Real-World HIPAA Violation

Scenario:
A nurse posts on Facebook about “a crazy patient in Room 204 who bit someone.” She doesn’t use the patient’s name, but she tags the hospital.

Question:
Is this a HIPAA violation?

Answer:
Yes. Even without using the patient’s name, enough identifiable context is present (room number, facility) to potentially identify the patient. This is an unauthorized disclosure of PHI.