Course Content
Introduction To HIPAA
This module introduces you to HIPAA and explains why it was created. You'll learn key terms that will be used throughout the course, such as PHI, Covered Entities, and Business Associates. All of these are foundational to understanding your role in compliance.
The Privacy Rule
Here, you'll explore the HIPAA Privacy Rule and how it governs the use and sharing of patient information. You’ll understand what rights patients have over their health data and what situations allow or require disclosure.
The Security Rule
This module focuses on protecting electronic protected health information (ePHI). You'll learn how to secure data using administrative, physical, and technical safeguards — and how to assess and reduce risks in your workplace.
Breaches and Enforcement
In this section, you'll learn what counts as a HIPAA breach, how and when to report it, and what legal consequences can follow. Real-world examples will help you recognize and prevent violations before they happen.
Workplace Compliance
The final module brings everything together. You’ll get practical tips for maintaining HIPAA compliance in daily operations — from patient check-ins to emails and documentation.
HIPAA Essentials: Safeguarding Patient Privacy in Healthcare

To understand HIPAA, it’s important to get familiar with the common terms used throughout the law. These will appear again and again in your training, so let’s break them down:


1. PHI (Protected Health Information):

Any information about a person’s health, treatment, or payment for healthcare that can identify them. This includes:

  • Names

  • Dates (birth, admission, discharge)

  • Social Security numbers

  • Medical record numbers

  • Phone numbers

  • Email addresses

Even if the info seems harmless, if it can be linked back to a person, it’s PHI.


2. ePHI:

Electronic Protected Health Information — any PHI stored, accessed, or shared electronically.


3. Covered Entity:

Any organization that directly handles PHI. This includes:

  • Healthcare providers (doctors, nurses, clinics, hospitals)

  • Health plans (insurance companies)

  • Healthcare clearinghouses


4. Business Associate:

A person or company that performs services for a covered entity and may handle PHI. This could be:

  • Billing companies

  • IT support teams

  • Law firms

  • Third-party vendors

They must also follow HIPAA rules and usually sign a Business Associate Agreement (BAA).


5. Minimum Necessary Rule:

Only access or share the least amount of information needed to do your job. Don’t overshare, even with coworkers.


6. De-Identified Information:

PHI that has been stripped of all identifying elements (like name, DOB, MRN) so that it can’t be traced back to a person. De-identified info is not protected under HIPAA.


By learning these terms, you’re laying the groundwork for HIPAA compliance. Understanding what you’re protecting is the first step in knowing how to protect it.