Online Class: HIPAA Compliance 101

In this course, you will gain a thorough understanding of HIPAA--the Health Insurance Portability and Accountability Act

no certificate
- OR -
with CEU Certificate*
Start Right Now!
$95.00 (with CEU Certificate)
Taking multiple courses? Save with our platinum program.
  • 12
  • 17
    Exams &
  • 2,725
    have taken this course
  • 6
    average time
  • 0.6

Course Description

In this course, you will gain a thorough understanding of HIPAA--the "Health Insurance Portability and Accountability Act". Included are modules explaining the legislative origin of HIPAA, which providers are covered under the act, as well as the steps necessary to protect patient information and request disclosures. 

In addition, we will examine the measures needed to maintain HIPAA compliance and understand the compliance auditing, violation and investigation processes. We will also present some case studies of patients who have complained of HIPAA violations, which resulted in lawsuits and fines for the providers.


HIPAA was the result of mounting concerns regarding patient access to insurance during unstable times, as well as concerns regarding the mass collection and storage of highly sensitive personal information by health insurance companies and medical establishments. HIPAA is divided into two components, Title 1 and Title 2.  

Title 1: Health Coverage Access and Portability

The focus of Title 1 is on the portability of health coverage. This protects an individual's ability to maintain health coverage even when moving between jobs, and is especially important in the case of pre-existing conditions.

In the past, many employers denied health coverage to new employees if they could verify the existence of a pre-existing condition. Due to this, many people were afraid to leave their jobs, even if the work environment and compensation were poor. The risk of being unable to acquire health insurance for themselves and their families was one that few people were willing to take, especially in uncertain economic times.

According to the United States Department of Labor, HIPAA is a federal law that:

  • Limits the ability of a new employer plan to exclude coverage for pre-existing conditions
  • Provides additional opportunities to enroll in a group health plan if you lose other coverage, or experience certain life events
  • Prohibits discrimination against employees and their dependent family members based on any health factors they may have, including prior medical conditions, previous claims experience, and genetic information
  • Guarantees that certain individuals will have access to, and can renew, individual health insurance policies.


Title 2: Developing the Administrative Simplification Provisions


The focus of Title 2, also known as the "Administrative Simplification"provisions, is to protect unique identifying information found in patient health records, insurance claims and many other types of health documents. Title 2 also encourages the use of electronic patient records systems and imposes penalties for breaches of patient privacy.

When the act was initially drafted, there was a mandate for the Administrative Simplification rules to be developed and ratified by Congress and publicized by the Secretary of the Department of Health and Human Services to the public within three years. In the absence of action by Congress, the Secretary of HHS was to take responsibility for drafting the legislation. As Congress failed to move on this initiative, the Secretary of HHS took over.

The Secretary created proposed legislation that governed the exchange, privacy, and security of personal health information. This proposal was released to the public for feedback and amended based on more than 52,000 comments that were received. The final version was released in December of 2000. The legislation was later revised and again vetted by the public, with the final version released in August of 2002.

The First Federal Medical Privacy Data Legislation

There were privacy laws on the books in the individual states, but they mainly focused on financial data, identity theft, and other types of fraud. The laws that dealt with medical information were not robust or clear enough to eliminate the many breaches of privacy that had occurred,  or could occur. HIPAA provided a blanket set of expectations for medical data privacy that provided more security for patients and uniform direction for those who deal with medical data. The fact that the law included civil and criminal penalties also gave it more credibility.  


Prior to the inception of HIPAA's privacy rule, there was a sense of organized chaos in the medical community. Clinics were burdened with increased administrative duties required by managed care companies, which included keeping up to date on procedure codes, billing requirements, and record maintenance. Also, there was no standard format for the establishments that maintained electronic patient records. One of the main goals of HIPAA was to streamline the process for maintaining and transmitting patient data electronically while limiting breaches in confidentiality.  


The main benefits of the Standards for Privacy of Individually Identifiable Health Information ("Privacy Rule") are:


  • Specific rules regarding the disclosure of Protected Health Information (PHI) 
  • Guidelines for transmitting patient data electronically 
  • Limiting internal employee access to PHI to the minimum necessary to perform their jobs 
  • Guidelines for health insurance companies and clearing houses that transmit PHI 
  • The ability for patients to access their medical records and make amendments to their medical data if warranted  
  • To require authorization from the individual to utilize or transmit PHI as part of any marketing communications


The privacy rule has gone through a few iterations. The original version was released in December of 2000. The privacy rule was later amended in August of 2002, and required compliance by February 14, 2003. Smaller health plans with fewer resources were required to be in compliance by April 14, 2004.  

HIPAA is legislation that ensures access and continuation of the health care coverage of Americans, including special provisions to help those with pre-existing conditions. In addition, the privacy rule included in HIPAA streamlined the accumulation, transmission, and storage of personally identifiable health information, along with ensuring patients access to their records, and allowing amendments as needed.
  • Completely Online
  • Self-Paced
  • Printable Lessons
  • Full HD Video  
  • 6 Months to Complete
  • 24/7 Availability
  • Start Anytime
  • PC & Mac Compatible
  • Android & iOS Friendly
  • Accredited CEUs
Universal Class is an IACET Accredited Provider

Course Lessons

Average Lesson Rating:
4.5 / 5 Stars (Average Rating)
"Extraordinarily Helpful"
(2,700 votes)

Lesson 1: HIPAA Policy Background

In this lesson, you will learn about the origin of HIPAA, including the initial failure of Congress to enact privacy protection for medical records and transactions. Additional lesson topics: Origin of HIPAA 14 Total Points
  • Lesson 1 Video
  • Lesson discussions: Poll 2 ~ Lesson 1; Poll 1 ~ Lesson 1; Poll 3 ~ Lesson 3; Reasons for Taking this Course
  • Complete: Lesson 1 Assignment
  • Assessment: Lesson 1 Exam

Lesson 2: Covered Entities Under HIPAA

In this lesson you will learn about "covered entities" in the context of HIPAA. We will examine the sometime complex relationships between health care practitioners, insurance plans, and business associates. Additional lesson topics: Health Information Privacy 15 Total Points
  • Lesson 2 Video
  • Complete: Lesson 2 Assignment
  • Assessment: Lesson 2 Exam

Lesson 3: What Is Protected Health Information?

In this lesson, we will examine Protected Health Information in more detail. You will be given examples of PHI and learn how to de-identify health information, as well as what can be shared with the consent of the patient. Additional lesson topics: Summary of the HIPAA Privacy Rule 10 Total Points
  • Lesson 3 Video
  • Assessment: Lesson 3 Exam

Lesson 4: Sharing PHI Without Patient Notification

In this lesson, you will learn the specific situations which do not require patient notification or authorization in order to release protected health information. Additional lesson topics: Privacy and Business Associates 10 Total Points
  • Lesson 4 Video
  • Assessment: Lesson 4 Exam

Lesson 5: Obtaining Patient Authorization

In this lesson you will learn about the scenarios in which a patient authorization form is required under the privacy rule before a disclosure is made. 12 Total Points
  • Lesson 5 Video
  • Complete: Lesson 5 Assignment
  • Assessment: Lesson 5 Exam

Lesson 6: Understanding "Minimum Necessary"

In this lesson, we will examine the term "minimum necessary," as defined by HIPAA. 10 Total Points
  • Lesson 6 Video
  • Assessment: Lesson 6 Exam

Lesson 7: Publicizing HIPAA Compliance and Informing Patients

This lesson will cover the responsibility of the covered entity to provide the patient with a copy of their privacy policy, which outlines their adherence to HIPAA guidelines. Additional lesson topics: Informing Patients of Privacy Rights 12 Total Points
  • Lesson 7 Video
  • Complete: Lesson 7 Assignment
  • Assessment: Lesson 7 Exam

Lesson 8: Patient Rights and Access to PHI

In this lesson, we will review patient rights, including the right to access and amend PHI found in their patient records, as well as the right to restrict disclosures and request an accounting of any disclosures made. Additional lesson topics: Uses and Disclosures for Treatment, Payment, and Health Care Operations 10 Total Points
  • Lesson 8 Video
  • Lesson discussions: Poll 1 ~ Lesson 8
  • Assessment: Lesson 8 Exam

Lesson 9: Administrative Requirements of Adhering to HIPAA

In this lesson, we will cover the administrative responsibilities that must be carried out by health care practitioners and facilities to be in compliance with HIPAA. Additional lesson topics: HIPAA Compliance Program Solutions 10 Total Points
  • Lesson 9 Video
  • Assessment: Lesson 9 Exam

Lesson 10: HIPAA's Administrative Simplification Regulations

In this lesson, you will learn about the additional Administrative Simplification Regulations outlined in the HIPAA legislation, including the use of national provider identification numbers, and specific billing regulations for Medicare. Additional lesson topics: HIPAA Administrative Simplification Statute and Rules 10 Total Points
  • Lesson 10 Video
  • Lesson discussions: Poll 1 ~ Lesson 10
  • Assessment: Lesson 10 Exam

Lesson 11: Enforcement and Penalties

In this lesson, you will learn about the investigative and disciplinary measures taken to ensure HIPAA compliance among covered entities. In addition, you will be given examples of non-compliance, and the resulting prosecution and fines. 10 Total Points
  • Lesson 11 Video
  • Assessment: Lesson 11 Exam

Lesson 12: HIPAA in Action

In this lesson, you will get a glimpse of HIPAA applied in real world situations. 45 Total Points
  • Lesson 12 Video
  • Lesson discussions: Poll 1 ~ Lesson 12; Program Evaluation Follow-up Survey (End of Course); Course Comments
  • Assessment: Lesson 12 Exam
  • Assessment: The Final Exam
Total Course Points

Learning Outcomes

By successfully completing this course, students will be able to:
  • Summarize HIPAA policy background.
  • Identify covered entities under HIPAA.
  • Describe what is protected health information.
  • Summarize sharing PHI without patient notification.
  • Describe obtaining patient authorization.
  • Describe publicizing HIPAA compliance and informing patients.
  • Recognize patient rights and access to PHI.
  • Summarize administrative requirements of adhering to HIPAA.
  • Identify enforcement and penalties of HIPAA.
  • Demonstrate mastery of lesson content at levels of 70% or higher.

Additional Course Information

Online CEU Certificate
  • Document Your Lifelong Learning Achievements
  • Earn an Official Certificate Documenting Course Hours and CEUs
  • Verify Your Certificate with a Unique Serial Number Online
  • View and Share Your Certificate Online or Download/Print as PDF
  • Display Your Certificate on Your Resume and Promote Your Achievements Using Social Media
Document Your CEUs on Your Resume
Course Title: HIPAA Compliance 101
Course Number: 8900352
Lessons Rating: 4.5 / 5 Stars (2,700 votes)
Languages: English - United States, Canada and other English speaking countries
Availability: This course is online and available in all 50 states including: California, Florida, Georgia, Illinois, New York, Pennsylvania, Ohio, and Texas.
Last Updated: April 2023
Course Type: Self-Paced, Online Class
CEU Value: 0.6 IACET CEUs (Continuing Education Units)
CE Accreditation: Universal Class, Inc. has been accredited as an Authorized Provider by the International Association for Continuing Education and Training (IACET).
Grading Policy: Earn a final grade of 70% or higher to receive an online/downloadable CEU Certification documenting CEUs earned.
Assessment Method: Lesson assignments and review exams
Syllabus: View Syllabus
Course Fee: $95.00 U.S. dollars

Choose Your Subscription Plan

Course Only
One Course
No Certificate / No CEUs
for 6 months
Billed once
This course only
Includes certificate X
Includes CEUs X
Self-paced Yes
Instructor support Yes
Time to complete 6 months
No. of courses 1 course
Certificate Course
One Course
Certificate & CEUs
for 6 months
Billed once
This course only
Includes certificate Yes
Includes CEUs Yes
Self-paced Yes
Instructor support Yes
Time to complete 6 months
No. of courses 1 course
Platinum Yearly
Certificates & CEUs
per year
Billed once
Includes all 600+ courses
Includes certificate Yes
Includes CEUs Yes
Self-paced Yes
Instructor support Yes
Time to complete 12 Months
No. of courses 600+
Platinum 2 Years
Certificates & CEUs
for 2 years
You save $79.00!
Billed once
Includes all 600+ courses
Includes certificate Yes
Includes CEUs Yes
Self-paced Yes
Instructor support Yes
Time to complete 24 Months
No. of courses 600+

Student Testimonials

  • "All good" -- Kyle B.
  • "Instructor was very quick to respond." -- Lynn E.
  • "Good job. I also liked the extra resources offered with the course material." -- Shannon N.
  • "It was great having an instructor with the CPC designation. It gave me confidence that this course is necessary. The written assignments forced me to pay attention to the detail of what I was reading and the exams reinforced my learning of the information." -- Carolyn D.
  • "Thank you. The whole class was helpful." -- Diane L.
  • "[Instructor] responded to all of my emails and helped me to understand the reasoning for each correct answer." -- Palmyra S.
  • "Course was very informative and not terribly difficult I was worried I would struggle with it but I did not. Instructor was on top of the work never took her very long to grade things. I found the videos extra helpful because I would read the material and then watch them and it helps me get all the info thoroughly down pat." -- Josie F.
  • "The way HIPAA was broken down into digestible chunks was very helpful." -- Charles F.