This is a mock training based on resources provided by https://www.hhs.gov/hipaa/for-professionals/training/index.html and https://www.healthit.gov/topic/privacy-security-and-hipaa/health-it-privacy-and-security-resources-providers for a class discussion forum.

1. Confidentiality
Training

2. Education for Providers
● HIPAA Privacy and Security Rules Training.
1. Patient Privacy: A Guide for Providers
2. HIPAA and You: Building a Culture of Compliance Website Disclaimers
3. Examining Compliance with the HIPAA Privacy Rule Website Disclaimers
4. Understanding the Basics of HIPAA Security Risk Analysis and Risk Management Website Disclaimers
5. Your Mobile Device and Health Information Privacy and Security Website Disclaimers
6. EHRs and HIPAA: Steps for Maintaining the Privacy and Security of Patient Information

3. Helping Patients Know Their Privacy Rights
● Communicatng with a Patient’s Family, Friends, or Others Involved int the Patients Care.
● Guidance Materials for Consumers
● Patients and Families Portal

4. Other Federal and State Privacy and Security Resources
● Reports on Related State Law, Business Practices, and Policy. Health Information Security and Privacy Collaboration (HISPC)
● Health Information Privacy Law and Policy.
● Federal Advisory Committees (FACAs) – Health IT Policy Committee (HITPC) Privacy and Security Workgroup.
● Prior HITPC Privacy & Security Tiger Team/Working Group Recommendations to the National Coordinator
● Personal Health Records (PHR) Roundtable. Materials from "Personal Health Records — Understanding the Evolving
Landscape".

5. HIPAA Guidance
● Permitted Uses and Disclosures: Exchange for Health Oversight Activities
● Permitted Uses and Disclosures: Exchange for Health Care Operation
● Permitted Uses and Disclosures: Exchange for Treatment
● Permitted Uses and Disclosures: Exchange for Public Health Activities
● HIPAA Privacy Rule Summary. OCR summary of key elements of the Privacy Rule, including who is covered, what
information is protected, and how information can be used and disclosed.
● HIPAA Security Rule Summary. OCR summary of key elements of the Security Rule, including who is covered, what
information is protected, and what safeguards must be in place.

6. HIPAA Guidance Continued
● Am I a Covered Entity? Assistance in determining if you are a Covered Entity (CE).
● HIPAA Breach Notification Rule. OCR summary of key elements of the Breach Notification Rule, including the legal definition
of a breach.
● Instructions for Submitting a Breach Notification. OCR summary of what you are required to do if you have a breach.
● HIPAA Enforcement. OCR information about their HIPAA enforcement process and audit program.
● HIPAA Frequently Asked Questions (FAQs) Database. OCR’s searchable database providing information on a variety of topics
related to HIPAA.
● De-Identifying Protected Health Information. OCR guidance on de-identification of PHI to enable you to aggregate patient data
without violating patient privacy.

7. References
https://www.hhs.gov/hipaa/for-professionals/training/index.html
https://www.healthit.gov/topic/privacy-security-and-hipaa/health-it-privacy-and-security-resources-providers