HIPAA FAQs - Training

What are the requirements for training my staff and who needs to be trained?
There are no set standards for training in the federal regulations except that all staff, including professional staff such as physicians, must be trained initially and annually about HIPAA privacy.

This training must take place before April 14, 2003. All new employees must receive HIPAA training as part of their initial orientation to your practice.

Privacy is very important in health care, and training your staff to understand the regulations can help avoid accidental disclosures of information and privacy complaints from patients. Annual privacy training is strongly advised for your practice.

Everyone who handles protected health information (PHI) should be trained in the HIPAA regulations. Everyone who works in your office should be trained about confidentiality.

What does my staff need to know about HIPAA?
They should understand the patient rights listed in the Notice of Privacy Practices (NPP) and how to handle any questions or requests by a patient. Having good policies and procedures in place, and having your staff familiar with them, is the best place to start. All physicians, staff, employees, and contract personnel should sign a confidentiality agreement.

Everyone in your office should be trained about patient confidentiality, including your cleaning service and maintenance people.

How do I prove training took place?
Use a sign-in sheet, keep an agenda of issues covered, and document your staff’s training in their employment records. You should retain HIPAA training records for six (6) years. 

 
