How often: What are the required timeframes for HIPAA Training?
Actually, neither the Privacy Rule nor the Security Rule offer suggestions with mandating specific timeframes. The Privacy Rule states that HIPAA training is required for “each new member of the workforce within a reasonable period of time after the person joins the Covered Entity’s workforce”. Also, training is required when “functions are affected by a material change in policies or procedures” (within a reasonable period of time). A reasonable period of time can be interpreted as the first few days or weeks rather than months.
According to the Security Rule, HIPAA training is required “periodically” which can be interpreted as annually or every two or three years. But it is a good practice to provide common HIPAA refresher training annually and specific shorter training sessions more frequently. This practice can reduce the risk of accidental HIPAA violations.
To learn more about HIPAA EDI and become a certified EDI Professional please visit our course schedule page.