Update Your Staff's HIPAA Training

A new state law that took effect in September has more stringent regulations for protected health information (PHI) than its federal counterparts, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act. Among other things, it has new requirements for notices to patients regarding electronic disclosure of PHI. And practices that wrongfully disclose a patient's PHI face increased civil penalties.

The law (House Bill 300) also requires employee training on state and federal laws regarding PHI. TMA will soon launch a new on-demand webinar series that satisfies these training requirements. These programs offer training tailored to each employee's scope of employment (as required by HB 300).The webinar subjects are:   

  • Complying With HIPAA & Texas Privacy Laws – a must for compliance officers and a good overview for the entire staff; 
  • HIPAA for Non-Clinical Staff – tailored for reception and medical records personnel; and 
  • HIPAA for Clinical Staff – focuses on physicians, nurses, billing and coding staff, and others involved in clinical care. 

HB 300 Action Plan 

  • Update your policies and procedures to incorporate changes resulting from HB 300. This includes providing the newly required notice to an individual for whom your practice creates or receives PHI. 
  • Develop and implement an employee training plan. New employees must receive training on state and federal laws concerning PHI for privacy/security compliance within 60 days of hire. Existing employees must complete PHI training at least once every two years. Training must relate to your practice and the employee's duties. In other words, one size does not fit all. 
  • Document, document, document! To meet the training requirement, employees are required to sign, electronically or in writing, a statement verifying attendance at the training program. Your practice is required to keep the signed statement on file.   

Visit TMA's HIPAA Resource Center for more information and resources on HB 300, including downloadable forms needed for compliance. 

Action, Dec. 4, 2012