With data security breaches on the rise, healthcare providers are finding it more challenging than ever to protect the privacy of individuals’ health information and remain HIPAA-compliant.
More than 37 billion individual records were exposed in data breaches in 2020, a 141% increase from 2019, according to Risk Based Security, which provides clients with data breach intelligence. Healthcare was the most victimized sector, representing more than 12% of all breaches. Considering that HIPAA fines can range from $100 to $50,000 per incident, failing to address HIPAA violations can be ruinous for many small businesses.
We reviewed the best HIPAA training providers based on the types of training offered, the convenience of the training courses, quick access to certificates, and additional support to help businesses keep their employees trained and compliant.
Best Overall : HIPAATraining.com
HIPAATraining.com has been in the HIPAA compliance space for more than 18 years and offers a full range of training and certification for individuals and organizations. We chose it as the best overall training provider because it is a one-stop shop that clearly outlines the training process for all types of professionals, making it easy to administer and track the results of all training courses.
All courses are created by HIPAA experts and are available for review for 90 days after purchase. Course attendees can retake the course as many times as necessary until they pass and print a HIPAA certificate and wallet card upon completion. Certificates are valid for two years, and Spanish language versions also are available for each HIPAA Training course.
HIPAATraining.com provides a simple shopping experience to help companies recertify their employees. A shared multi-user login for employees means there is no need to create multiple usernames and passwords. Certificates and transcript scores are automatically emailed to the account administrator along with detailed training logs.
HIPAATraining.com offers online courses that can be accessed 24/7 from any computer or smart device and are available for the following audiences:
- Healthcare Providers
- Mental Health Providers
- Business Associates
- Insurance Brokers and Agents
- Employer Group Health Plan Administrators
Prices are based per seat:
- 1 to 9 seats ($29.99 per seat)
- 10 to 24 seats ($24.99 each)
- 25 to 49 ($23.99 each)
- 50 to 99 ($22.99 each)
- 100 to 199 ($19.99 each)
- 200 to 299 ($14.99 each)
- 300+ (Price available upon request)
All courses come with a 30-day money-back guarantee and are priced depending on the number of seats (employees to be trained) purchased.
Runner-Up, Best Overall : ProHIPAA
Established in 2003, ProTrainings offers ProHIPPA and more than a dozen other safety and compliance training courses, including CPR/first aid, fire safety, sexual harassment, HIPAA, and continuing education (CE) courses in a variety of health professions. ProHIPAA is accredited and has an A+ rating with the Better Business Bureau. We chose it as our runner-up since it offers comprehensive online HIPAA training for all professionals at a reasonable price but only has a valid certificate for one year.
ProHIPAA’s courses are available online 24/7 and can be accessed on any computer or smart device. The basic HIPAA course is for both covered entities and business associates and contains 35 minutes of subtitled videos as well as knowledge reviews, a final test, remedial help, and reviewing downloaded material. The HIPAA training for leaders contains 59 minutes of subtitled videos and the same materials as the basic course.
ProHIPAA has a pass-pay-print model. That means each course can be taken at no cost and the only payment necessary is to obtain a certificate. Group pricing also is available by request.
- Online HIPAA Training ($29.95 per seat)
- Online HIPAA for Leaders Certification ($49.95 per seat)
Best Price : Biologix Solutions
Founded in 2009, Biologix Solutions is a nationally approved provider of online continuing education for nursing, dental, pharmacy, physical therapy, occupational therapy, and body art professionals. It has an A+ rating with the Better Business Bureau but is not accredited by the organization. We chose it for the best price because it offers basic HIPAA training for individuals for just $10 per person.
For those in healthcare who need HIPAA compliance combined with other continuing education credits, Biologix Solutions' class library offers 100% self-paced online HIPAA training. Each course can be accessed 24/7 on any computer or smart device, takes about an hour to complete, and can be retaken as often as necessary to get a passing score.
Participants will receive a printable PDF certificate on the same day. Biologix also keeps training records and course completion certificates for six years and can provide documentation in case a business gets audited.
In addition to the prices listed below, Biologix also offers corporate discounts and group rates on approved online independent study courses. Group pricing is available by request.
- HIPAA ($10 per seat)
- HIPAA for Texas Healthcare Professionals ($10 per seat)
- HIPAA for Pharmacy Professionals ($10 per seat)
Best for Team Training : HIPAA Associates
HIPAA Associates has been providing HIPAA compliance plans, gap analysis, training, and breach reporting since 2002. It has an A+ rating with the Better Business Bureau, but is not accredited by the organization. We chose HIPAA Associates as the best for team training because it offers dedicated HIPAA training programs for employees and compliance officers.
All courses are created by nationally recognized HIPAA experts and are available to take for 90 days after purchase. A guaranteed HIPAA certificate is issued 90 minutes after the completion of each course with unlimited retakes available. Certificates are valid for two years, and Spanish language versions of each course are available.
HIPAA Associates has a long tradition as a HIPAA educator and has trained small groups and large hospital organizations. Its group training programs are designed for busy providers and built around practical applications they will understand. All group training is web-based and can be branded for use on company servers. Pricing is available on request and is dependent on the size and needs of each group.
The HIPAA Associates pricing model is based on the number of participants:
- Privacy Basics Training ($29.95 per seat)
- Health Information Management ($29.95 per seat)
- IT Professionals ($29.95 per seat)
- Business Associates ($29.95 per seat)
Best Online Program : HIPAA Exams
HIPAA Exams began in 2008 as an online learning system for hospitals. After requests from many of its clients, the company expanded to provide a broader range of training options. It has an A+ rating with the Better Business Bureau but is not accredited by the organization. We chose HIPAA Exams as the best online program because its convenient video training bundles and training management are the closest to getting a live classroom experience online.
HIPAA Exams uses a cloud-based learning management system (LMS) with reporting, tracking, and yearly reminders that can be accessed on any PC, Mac, or smart device. It also offers administrator-level reporting that allows you to view the certificates of all employees and send reminders when needed.
Training certificates can be instantly printed or emailed upon successful completion of any online training course. Tests are instantly graded online and can be attempted as many times as necessary. Every certificate contains a unique ID that can be traced to an individual user for compliance audits. Certificates have no expiration dates and come with one hour of continuing education credits for licensed healthcare professionals.
HIPAA Exams courses are authorized by the International Association for Continuing Education and Training (IACET) and are organized slightly differently than some of the other providers.
In addition to the prices below, monthly subscription plans, yearly course lease options, and course bundles also are available. Pricing is done in several tiers based on the number of students. The prices below are for 1-15 students.
- HIPAA for Business Associates ($19.95 per seat)
- HIPAA for Dental Offices ($19.95 per seat)
- HIPAA for HCIRS (Sales Professional) ($19.95 per seat)
- HIPAA for Health Care Workers ($19.95 per seat)
- HIPAA for Medical Office Staff ($19.95 per seat)
- HIPAA and Osha Bloodborne Pathogens Bundle for Healthcare Workers ($37.95 per seat)
- HIPAA and Osha Bloodborne Pathogens for Dental Office Bundle ($37.95 per seat)
What Is HIPAA Training?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 requires organizations to provide training for all employees, new workforce members, and periodic refresher training for anyone who comes into contact with individuals’ protected health information (PHI).
Since HIPAA regulations are updated yearly, most businesses train employees annually to help them stay current and avoid fines or legal consequences caused by breaches of protocol or security.
HIPAA rules apply to two groups: covered entities and business associates. Covered entities include all healthcare providers such as doctors, dentists, nurses, chiropractors, psychologists, pharmacies, etc. that store or transmit any individual’s private health information electronically.
A business associate is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. Examples of business associates include a third-party administrator that assists with claims processing, a CPA firm that services a healthcare provider and involves access to protected health information, an attorney whose legal services involve access to protected health information, or an independent medical transcriptionist.
An Overview of Legal Ramifications
Starting in 2006, Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general were given the power to impose financial penalties and even pursue legal action against individuals and organizations that violate HIPAA rules.
The OCR can also require violating entities to adopt a corrective action plan (CAP) to bring policies and procedures into compliance. A CAP can involve a closely monitored security risk analysis or audit which can take months or even years and require regular reports to the OCR. Criminal penalties also can be imposed, ranging from one to 10 years in jail.
Violations are graded on the following four-tier system:
Nature of Violation
- No Knowledge ($100 to $50,000)
- Reasonable Cause ($1,000 to $50,000)
- Willful Neglect—Corrected ($10,000 to $50,000)
- Willful Neglect—Not Corrected ($50,000)
Annual Limit for Identical Violations
- No Knowledge ($25,000)
- Reasonable Cause ($100,000)
- Willful Neglect—Corrected ($250,000)
- Willful Neglect—Not Corrected ($1,500,000)
What Does HIPAA Typically Include?
HIPAA training typically includes a basic overview of HIPAA and HIPAA requirements, an explanation of protected health information (PHI) and how to secure it, and an overview of potential HIPAA breaches and violations and how to safeguard against them.
A common misconception is that HIPAA training involves getting a certificate that an individual is HIPAA-compliant. Compliance is an ongoing process, however, and not a one-time status. HIPAA training results in a certificate that indicates that an individual has been trained and educated in HIPAA requirements.
What Does HIPAA Training Typically Exclude?
HIPAA training does not include an audit or assessment to see if a business's security measures are adequate to protect patient privacy. HIPAA training also does not include consulting and assisting in the creation of HIPAA compliance plans, policies, and procedures. Some of the providers we reviewed do offer those services for an additional price.
What Are the Expected Costs of HIPAA Training?
Our research shows that HIPAA training programs range from $10 to $30 per employee. Some companies offer discounted group rates or prices on the lower end ($15) per individual for larger groups. Only one provider offered an annual subscription package with on-demand rather than one-time HIPAA training plus additional training reports, reminders, and document storage.
How We Chose the Best HIPAA Training Companies
During our process for choosing the best HIPAA training, we reviewed about a dozen companies. In the end, we chose providers that have been in the business for at least 10 years, offer comprehensive training programs for both covered entities and business associates, have quick and easy online courses that can be accessed anytime and anywhere, and that allow attendees to get their certificates right away.