Pleasanton Attorneys Offer HIPAA Compliance Training

Protecting your business from noncompliance penalties

In 1996, Congress passed the Health Insurance Portability and Accountability Act, commonly called HIPAA, to force healthcare providers and other entities to update their handling of medical records for the digital age. The primary reason for the legislation was to protect patient privacy. Yet, almost 30 years later, organizations still struggle to remain HIPAA compliant, and risk onerous sanctions for breaches of this duty. At Garcia & Gurney, A Law Corporation in Pleasanton, we believe in the principles behind HIPAA. We want to help business entities comply with the law for the sake of patients who deserve privacy, but also to avoid costly penalties. We offer training in HIPAA compliance so you can be certain that your workers know the protocols and that your organization is doing everything possible to reduce any chance of a breach.

What types of employees need HIPAA compliance training?                                        

HIPAA applies to a variety of organizations, which are legally required to comply with the rules for handling personal health information (PHI refers to any healthcare information that contains an identifier linking a specific patient to healthcare information). The law requires covered entities to conduct periodic training for all employees.

Covered entities include a wide range of healthcare providers, including:

  • Chiropractors
  • Clinics
  • Dentists
  • Doctors
  • Pharmacies
  • Psychologists
  • Psychiatrists
  • Hospitals
  • Skilled nursing facilities
  • Health insurance companies
  • Medical billing companies

But HIPAA also covers healthcare business associates, who also have access to PHI, such as:

  • Attorneys
  • CPA firms
  • Data storage firms and cloud service providers

Any employee of a covered entity or business associate should receive HIPAA compliance training as part of their onboard training. Employers are also required to schedule shorter refresher courses on a periodic basis.

What is included in HIPAA compliance training?

Our training covers every aspect of the law your employees must understand. We start with an overview of the law and important definitions, then proceed to explain:

  • The HITECH Act — This 2009 law incentivized the use of information technology in healthcare and requires HIPAA-covered entities to report privacy breachers.
  • HIPAA Omnibus Final Rule — This 2013 update to HIPAA changed the Security Rule and Breach Notification portions of the HITECH Act to include employees of healthcare business associates.
  • HIPAA Privacy Rule — This cornerstone of the law created standards for the allowable uses and disclosures of PHI.
  • HIPAA Security Rule — This rule covers technology requirements for the storage of electronic PHI.
  • HIPAA Patient Rights — HIPAA grants patients the right to control their PHI.
  • HIPAA Disclosure Rules — Workers must understand when it is permissible to disclose PHI to a family member or other third party.
  • HIPAA Violations — We explain the potential consequences of mishandling PHI and the best ways that employees can mitigate the harm to patients and the organization. We also illustrate the most commonly occurring violations and how workers can prevent those breaches.

A knowledgeable employment lawyer at our firm provides in-depth explanations of all facets of the law.

How our firm can help when organizations breach their HIPAA compliance duties

A breach of compliance can be costly for your organization. An unknowing violation carries a penalty of $100 to $50,000 per violation. A violation due to a reasonable cause can cost from $1,000 to $50,000 per violation. A violation due to willful neglect, but corrected within the required time period, draws a penalty of $10,000 to $50,000 per violation. Finally, a willful neglect violation that is not corrected within the required time period can cost $50,000 per violation.

In certain cases, the Department of Justice could bring criminal charges as well. Our firm can take timely action to mitigate the harm to your organization.              

Contact our employment law firm in Pleasanton for HIPAA compliance training

Garcia & Gurney, A Law Corporation in Pleasanton provides HIPAA compliance training throughout the Bay Area. To learn more, call us today at 925-468-0400 or contact us online.