HIPAA Compliance Verification is how training providers refer to the process where an individual or organization has undergone and passed a course in HIPAA compliance. After passing the course in HIPAA compliance, the successful person or group is allowed to display the training provider´s “Certificate” or “Seal of Approval” on their website and other documentation – such as a CV.
The term “HIPAA Compliance Verification” is often swapped with “HIPAA Certification” or “HIPAA Certified”. None of the three terms are recognized by the Department of Health & Human Services, who include on its website: “There is no HIPAA Certification process, and no company has the authority to certify HIPAA compliance. Such certifications do not absolve Covered Entities of their legal obligations.”
What is the Relevance of HIPAA Compliance Verification?
Though HIPAA compliance verification may not be acknowledged by the Department of Health & Human Services, HIPAA compliance training is mandatory. The training services supplied by third-party firms – particularly those who provide online training – can be more cost-effective and less time consuming for a group than having to create a training program of its own.
Additionally, although the Department of Health & Human Services releases a selection of training materials and resources on its website, by its own admission there are no specific HIPAA training obligations. Firms offering HIPAA compliance verification can therefore tailor their training courses to each person’s or group’s specific roles within the healthcare sector.
This has the benefit of making a security or privacy breach less likely, as staff members are trained to identify risks to the integrity of the Protected Health Information they come into contact with during their day-to-day working duties. Groups are more likely to carry out relevant risk assessments and develop enforceable HIPAA compliant policies, rather than if there were “one-size-fits-all” training.
Firms Are Empowered to Certify HIPAA Compliance
The onus remains on the individual or organization to ensure they adhere with HIPAA. A “Certificate” or “Seal of Approval” will not prevent the Department of Health & Human Services issuing a fine if a breach of PHI takes place; but, as long as the content of the training course is implemented, a breach of PHI is less likely to happen. It is the training that is crucial, not HIPAA compliance verification.
Therefore be wary of firms that offer HIPAA Certification for $20. These companies are unlikely to supply the depth of training needed to comprehend the complexities of HIPAA. Some companies issue certificates to trainees after the trainees have sat through an online 30-minute video. Some do not even insist trainees watch the video. They can pay their $20 and install the certificate.