HIPAA - Privacy Rule for Covered Entities

  • 4 topics | 31m 1s
  • Includes Assessment
  • Up to 30 languages
  • Transcripts
The information that a health care provider collects and uses to provide patient care is confidential and often sensitive. Because of the sensitive nature of medical records and other personally identifiable information, patients trust their health care provider to safeguard their information and use it appropriately. Employees of organizations that are considered 'covered entities' under HIPAA work with patients and their confidential information on a daily basis, and are required to follow the HIPAA Privacy Rule as well as their employer's internal privacy policies. In this course, you will learn how to identify protected health information, how to appropriately use and disclose PHI, and how to implement best practices for safeguarding the information you work with every day. This course was developed with subject matter support provided by the Labor & Employment Law Group of the law firm of Baker, Donelson, Bearman, Caldwell & Berkowitz, PC. Please note, however, that the course materials and content are for informational purposes only and do not constitute legal advice. Nothing herein, or in the course materials, shall be construed as professional advice as to any particular situation or constitute a legal opinion with respect to compliance with any federal, state, or local laws. Transmission of the information is not intended to create, and receipt does not constitute, an attorney-client relationship. Readers should not act upon this information without seeking professional counsel. The information contained herein is provided only as general information that may or may not reflect the most current legal developments. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice or to substitute for obtaining legal advice from an attorney licensed in your state.


  • recognize the importance of complying with privacy standards
  • determine whether or not a given example is protected health information (PHI)
  • identify your employer's policies for how to handle PHI
  • determine whether a PHI disclosure requires patient authorization
  • identify best practices for working with protected health information
  • identify the preferred response to a suspected violation of the Privacy Rule
  • identify the minimum necessary information to provide, given a request or need to disclose PHI
  • recognize how to handle protected health information in accordance with the HIPAA Privacy Rule


  • The HIPAA Privacy Rule and PHI
  • Working with PHI
  • Best Practices with PHI
  • Knowledge Check: Privacy Rule for Covered Entities