With data security breaches on the rise, healthcare providers are finding it more challenging than ever to protect the privacy of individuals’ health information and remain HIPAA-compliant.
It’s been estimated that, although 70% of companies experienced a data breach in the last 12 months, 82% have not conducted a security risk assessment in the last three months. Considering that HIPAA fines can range from $100 to $50,000 per incident, failing to address HIPAA violations can be ruinous for many small businesses.
We reviewed the best HIPAA training providers based on the types of training offered, the convenience of the training courses, quick access to certificates, and additional support to help businesses keep their employees trained and compliant. Read on to see our top picks.
The 6 Best Information Security (HIPAA) Training
Best Overall: HIPAATraining.com
HIPAATraining.com has been in the HIPAA compliance space since 2002 and offers a full range of training and certification for individuals and organizations. We chose it as the best overall training provider because it is a one-stop-shop that clearly outlines the training process for all types of professionals, making it easy to administer and track the results of all training courses.
All courses are created by HIPAA experts and are available for review for 90 days after purchase. Course attendees can retake the course as many times as necessary until they pass and print a PDF HIPAA certificate and wallet card upon completion. Certificates are valid for two years, and Spanish language versions are also available for each HIPAA Training course.
HIPAATraining.com provides a simple shopping experience to help companies recertify their employees. A shared multi-user login for employees means that there is no need to create multiple usernames and passwords. Certificates and transcript scores are automatically emailed to the account administrator along with detailed training logs in Microsoft Excel.
HIPAATraining.com offers online courses that can be accessed 24/7 from any computer or smart device and are available for the following audiences:
- Healthcare Providers
- Mental Health Providers
- Business Associates
- Insurance Brokers and Agents
- Employer Group Health Plan Administrators
Prices are based per seat:
- 1 to 9 seats ($29.99 per seat)
- 10 to 24 seats ($24.99 each)
- 25 to 49 ($23.99 each)
- 50 to 99 ($22.99 each)
- 100 to 199 ($19.99 each)
- 200 to 299 ($14.99 each)
- 300+ (Price available upon request)
All courses come with a 30-day money-back guarantee and are priced depending on the number of seats (employees to be trained) purchased.
Runner-Up, Best Overall: ProHIPAA
Established in 2006, ProHIPAA by ProTrainings offers over a dozen safety and compliance training courses, including CPR/first aid, fire safety, sexual harassment, HIPAA, and continuing education (CE) courses in a variety of health professions. ProHIPAA is accredited and has an A+ rating with the Better Business Bureau. We chose it as our runner-up since it offers comprehensive online HIPAA training for all professionals at a reasonable price but only has a valid certificate for one-year.
ProHIPAA’s courses are available online 24/7 and can be accessed on any computer or smart device. The basic HIPAA course is for both covered entities and business associates and contains 35 minutes of subtitled videos as well as knowledge reviews, final test, remedial help, and reviewing downloaded material. The HIPAA training for leaders contains 59 minutes of subtitled videos and the same materials as the basic course.
ProHIPAA has a unique pass-pay-print model. That means each course can be taken with no cost and the only payment necessary is to obtain a certificate. Group pricing is also available by request.
- Online HIPAA Training ($29.95 per seat)
- Online HIPAA for Leaders Certification ($49.95 per seat)
Best Price: Biologix Solutions
Founded in 2009, Biologix Solutions is a nationally approved provider of online CE for nursing, dental, pharmacy, physical therapy, occupational therapy, and body art professionals. It has an A+ rating with the Better Business Bureau but is not accredited with the organization. We chose it for the best price because it offers basic HIPAA training for individuals for just $10 per person.
For those in healthcare who need HIPAA compliance combined with other continuing education credits, Biologix Solutions has the answer. Its class library offers 100% self-paced online HIPAA training. Each course can be accessed 24/7 on any computer or smart device, takes about an hour to complete, and can be retaken as often as necessary to get a passing score.
Participants will receive a printable PDF certificate on the same day. Biologix also keeps training records and course completion certificates for four years and can provide documentation in case a business gets audited.
In addition to the prices listed below, Biologix also offers corporate discounts and group rates on approved online independent study courses. Group pricing is available by request.
- HIPAA ($10 per seat)
- HIPAA for Texas Healthcare Professionals ($10 per seat)
- HIPAA for Pharmacy Professionals ($10 per seat)
Best for Team Training: HIPAA Associates
Since 2002, HIPAA Associates has been providing HIPAA compliance plans, gap analysis, training, and breach reporting. It has an A+ rating with the Better Business Bureau but is not accredited with the organization. We chose HIPAA Associates as the best for team training because it offers dedicated HIPAA training programs for employees and compliance officers.
All courses are created by nationally recognized HIPAA experts and are available to take for 90 days after purchase. A guaranteed HIPAA certificate is issued 90 minutes after the completion of each course with unlimited retakes available. Certificates are valid for two years, and Spanish language versions of each course are available.
HIPAA Associates has a long tradition as a HIPAA educator and has trained small groups and large hospital organizations. Its group training programs are designed for busy providers and built around practical applications they will understand. All group training is web-based and can be branded for use on company servers. Pricing is available on request and is dependent on the size and needs of each group.
The HIPAA Associates pricing model is based on number of participants:
- Privacy Basics Training ($29.95 per seat)
- Health Information Management ($29.95 per seat)
- IT Security ($29.95 per seat)
- Business Associates ($29.95 per seat)
Best Online Program: HIPAA Exams
HIPAA Exams began in 2001 as an online learning system for hospitals. After requests from many of its clients, the company expanded to provide a broader range of training options in 2008. It has an A+ rating with the Better Business Bureau but is not accredited with the organization. We chose HIPAA Exams as the best online program because its convenient video training bundles and online document and training management are the closest to getting a live classroom experience online.
HIPAA Exams uses a cloud-based learning management system (LMS) with reporting, tracking, and yearly reminders that can be accessed on any PC/MAC or smart device. It also offers a simple document management system that allows businesses to upload employee-specific or company-wide documents that can be shared with employees or kept private.
Training certificates can be instantly printed or emailed upon successful completion of any online training course. Tests are instantly graded online and can be attempted as many times as necessary. Every certificate contains a unique ID that can be traced to an individual user for compliance audits. Certificates have no expiration dates and come with one hour of CE credits for licensed healthcare professionals.
HIPAA Exams courses are authorized by the International Association for Continuing Education and Training (IACET) and are organized slightly differently than some of the other providers.
In addition to the prices below, monthly subscription plans, yearly course lease options, and course bundles are also available. Pricing is for one to 100 seats. Group pricing is available for 101+ seats.
- HIPAA for Business Associates ($14.99 per seat)
- HIPAA for Dental Offices ($14.99 per seat)
- HIPAA for HCIRS (Sales Professional) ($14.99 per seat)
- HIPAA for Health Care Workers ($14.99 per seat)
- HIPAA for Medical Office Staff ($14.99 per seat)
- HIPAA and Osha Bloodborne Pathogens Bundle for Healthcare Workers ($34.95 per seat)
- HIPAA and Osha Bloodborne Pathogens for Dental Office Bundle ($34.95 per seat)
HIPAA Secure Now: Best Supporting Resources
HIPAA Secure Now has been providing HIPAA training, audits, and compliance reviews since 2009. The company has been featured on Bloomberg Television, Worldwide Business with Kathy Ireland, and Fox Business. We chose HIPAA Secure Now as the best for supporting resources because the company provides all-in-one HIPAA security services to help businesses maintain HIPAA compliance.
HIPAA Secure Now offers in-depth online HIPAA training for employees as well as advice for best practices in protecting patient information. Employees can take the training at work or at home and can stop and start it at any time and retake it as often as they want until they pass. It takes 60 to 90 minutes to complete the training and the course can be accessed for 14 days after purchase.
Businesses will also receive a report that lists each staff member, the date they took the training, and the highest score they achieved on the quiz. Each training package comes with 12 months’ access to the HIPAA Secure Compliance Portal which makes it easy to manage the necessary documents and policy to stay HIPAA compliant.
In addition to HIPAA training, HIPAA Secure Now also offers HIPAA audits, risk assessments and HIPAA policies and procedures customized for each business, and customized business associate policies.
HIPAA Secure Now’s annual training subscriptions include:
- On-Demand HIPAA Security Training
- Engaging Training Videos
- Employee Compliance Testing
- Employee Certificates
- Administrator Training Reports
- New Employee Training
- Security Tips and Reminders
- 12 Months Use of Compliance Portal
HIPAA Secure Now’s annual price is the total cost for the year, not the cost per employee:
- 1 to 10 ($49 per year)
- 11 to 20 ($99 per year)
- 21 to 50 ($149 per year)
- 51 to 100 ($399 per year)
What Is HIPAA Training?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 requires organizations to provide training for all employees, new workforce members, and periodic refresher training for anyone who comes into contact with individuals’ protected health information (PHI).
Since HIPAA regulations are updated yearly, most businesses train employees annually to help them stay current and avoid fines or legal consequences caused by breaches of protocol or security.
HIPAA rules apply to two groups: covered entities and business associates. Covered entities include all healthcare providers such as doctors, dentists, nurses, chiropractors, psychologists, pharmacies, etc. that store or transmit any individual’s private health information electronically.
A business associate is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. Examples of business associates include a third-party administrator that assists with claims processing, a CPA firm that services a healthcare provider and involves access to protected health information, an attorney whose legal services involve access to protected health information, or an independent medical transcriptionist.
An Overview of Legal Ramifications
Starting in 2006, Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general were given the power to impose financial penalties and even pursue legal action against individuals and organizations that violate HIPAA rules.
The OCR can also require violating entities to adopt a corrective action plan (CAP) to bring policies and procedures into compliance. A CAP can involve a closely monitored security risk analysis or audit which can take months or even years and require regular reports to the OCR. Criminal penalties can also be imposed ranging from one to 10 years in jail.
Violations are graded on the following four-tier system:
Nature of Violation
- No Knowledge ($100 to $50,000)
- Reasonable Cause ($1,000 to $50,000)
- Willful Neglect—Corrected ($10,000 to $50,000)
- Willful Neglect—Not Corrected ($50,000)
Annual Limit for Identical Violations
- No Knowledge ($25,000)
- Reasonable Cause ($100,000)
- Willful Neglect—Corrected ($250,000)
- Willful Neglect—Not Corrected ($1,500,000)
What Does HIPAA Typically Include?
HIPAA training typically includes a basic overview of HIPAA and HIPAA requirements, an explanation of protected health information (PHI) and how to secure it, and an overview of potential HIPAA breaches and violations and how to safeguard against them.
A common misconception is that HIPAA training involves getting a certificate that an individual is HIPAA-compliant. Compliance is an ongoing process, however, and not a one-time status. HIPAA training results in a certificate that indicates that an individual has been trained and educated in HIPAA requirements.
What Does HIPAA Training Typically Exclude?
HIPAA training does not include an audit or assessment to see if a business's security measures are adequate to protect patient privacy. HIPAA training also does not include consulting and assisting in the creation of HIPAA compliance plans, policies, and procedures. Some of the providers we reviewed do offer those services for an additional price.
What Are the Expected Costs of HIPAA Training?
Our research shows that HIPAA training programs range from $10 to $30 per employee. Some companies offer discounted group rates or prices on the lower end ($15) per individual for larger groups. Only one provider offered an annual subscription package with on-demand rather than one-time HIPAA training plus additional training reports, reminders, and document storage.
How We Chose the Best HIPAA Training Companies
During our process for choosing the best HIPAA training, we reviewed about a dozen companies. In the end, we chose providers that have been in the business for at least 10 years, offer comprehensive training programs for both covered entities and business associates, have quick and easy online courses that can be accessed anytime and anywhere, and that allow attendees to get their certificates right away.
Strategy New Media. "HIPAA Compliance – How Healthy is Your Company?" Accessed April 10, 2020.
HIPPATraining.com. "HIPAA Compliance for Organizations: Healthcare Providers." Accessed April 10, 2020.
HIPAATraining.com. "Home." Accessed April 10, 2020.
ProHIPPA. "Course Library." Accessed April 10, 2020.
ProHIPAA. "ProHIPAA: Online HIPAA Training." Accessed April 10, 2020.
ProHIPAA. "ProHIPAA for Leaders: Online HIPAA for Leaders Certification." Accessed April 10, 2020.
ProHIPAA. "Professional training, always available." Accessed April 10, 2020.
Biologix Solutions. "HIPAA Training (Health Insurance Portability & Accountability Act)." Accessed April 10, 2020.
HIPPA Associates. "Home." Accessed April 10, 2020.
HIPAA Associates. "HIPAA Group Training." Accessed April 10, 2020.
HIPPA Exams. "About HIPPA Exams." Accessed April 10, 2020.
HIPAA Exams. "Home." Accessed April 10, 2020.
HIPPA Exams. "Our Course List." Accessed April 10, 2020.
HIPPA Secure Now! "HIPPA Secure Now." Accessed April 10, 2020.
HIPAA Secure Now! "Free HIPAA Security Training." Accessed April 10, 2020.
HIPAA Secure Now! "Store." Accessed April 10, 2020.
HHS.gov. "Covered Entities and Business Associates." Accessed April 10, 2020.
HHS.gov. "Business Associates." Accessed April 10, 2020.
HIPAA Journal. "What are the Penalties for HIPAA Violations?" Accessed April 10, 2020.
HIPAAtrek. "Corrective Action Plans for HIPAA Violations and How to Prevent Them." Accessed April 10, 2020.
McDermott Will & Emery. "OCR Corrects Past Misinterpretation of HIPAA Annual Penalty Limits, Signaling Potential Relief for Entities Facing Enforcement." Accessed April 10, 2020.