HIPAA for Non-Medical Employers
All employees who may, by reason of their job role, come into contact with PHI
Many organizations that fit the description of non-medical employers have employees, who by nature of their roles in Human Resources or benefits or health plan administration, have access to the personal and private health information of other employees. These organizations are legally obligated to protect this information as described by HIPAA’s Privacy Rule. This course focuses on helping these employees learn how to identify protected health information (PHI), how to appropriately use, disclose or request PHI, and the importance of following their employer’s internal privacy policies and procedures for handling the PHI they come into contact with as they do their job.
This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.
Complying with The Privacy Rule
- identify what is and isn’t PHI
- identify how permitted uses and disclosures are handled when an individual’s authorization isn’t needed
- recognize defective authorizations
- recognize how the minimum necessary standard applies to the PHI you may need to handle
- identify what you must do to uphold an individual’s rights regarding their own PHI, while doing your job