Skip to content.

Full Length

HIPAA For Employee Medical Privacy

Course Preview


Try it for free!

We respect your privacy and won’t share your information with outside parties. View our privacy statement.

Thank you for your interest in our online compliance training solutions. A NAVEX representative will contact you shortly. If you have any immediate questions, please give us a call 1-866-297-0224.

At a glance

Course Length
Course Types
Full Length
Information Security Training
HIPAA - Health Insurance Portability and Accountability Act
Rich Media

Managers may be exposed to a variety of types of private information about their employees: health issues, accommodation needs and other medical information. Do they know how to safeguard it? The answer to that question is quite critical, because even for organizations not covered under HIPAA, this personal information must be carefully protected and kept confidential, both to comply with other important laws and to maintain employee trust.

This course takes a closer look at the safe storage and handling of this private employee medical information. Designed for organizations that are not considered covered entities or business associates under HIPAA, it explores the types of medical information managers may come across and the best practices for handling it. It also provides an overview of important laws that govern the confidentiality of this information and key processes and procedures for responding to improper disclosures.

When managers protect employee private health information, it instills trust – and that’s key for a healthy, productive work environment. This course gives managers the tools to build and maintain that trust by safely and effectively handling private health information in accordance with their organization’s policies and the law.

Course Details

All Learners

Key Concepts Covered In This Course:

  • Definition of PHI and common identifiers
  • Guidelines for the use, disclosure and safeguarding of PHI
  • Authorized and unauthorized disclosures
  • Disclosing PHI to family
  • Patient rights under HIPAA
  • Guidelines for protecting ePHI
  • Unique risks associated with technology and ePHI
  • Administrative, physical and technical safeguards for ePHI
  • What constitutes a breach
  • Common pitfalls that can lead to breaches
  • Notification and reporting requirements
  • When to raise concerns or seek help
  • Assurance the organization will investigate reports and take action as necessary
  • A restatement of non-retaliation policy
  • The value of each employee in preserving the organization’s reputation and maintaining an ethical workplace