Screen 0

1_C_1

Welcome to your HIPAA Training.

Please click the forward arrow to begin.

Screen 1

2_C_2

You are receiving this training because you are working at Abbott, located in the US or Puerto Rico.

As such, you might be exposed to data that is governed by the Health Insurance Portability and Accountability Act (HIPAA).

Screen 2

3_C_3

Abbott places a high value on protecting data, including Protected Health Information (PHI). We want to ensure you have the knowledge and skills necessary to handle and protect this sensitive information.

Throughout this course, we’ll look at HIPAA and best practices for protecting PHI.

Screen 3

4_C_4

Upon completion of this course, you will be able to:

  • Recognize the importance of HIPAA and how it applies to Abbott.
  • Identify key examples of PHI and know how to protect it.
  • Identify and report known or suspected misuses of PHI.
  • Recognize the consequences of not complying with HIPAA.

The course will take 30 minutes to complete.

Screen 4

5_C_5

The icons at the top of the screen provide one-click access to key resources:

  • The Table of Contents,
  • Important contact information, and
  • Reference material.

In addition, you can use the Audio icon to turn the audio on or off and the Exit icon to close the course window.

Screen 5

6_C_6

There are several features to help guide you through the course:

  • The Back and Forward arrows allow you to move from screen to screen.
  • A horizontal slider bar at the bottom of the screen allows you to see where you are in the course.
  • The Table of Contents lets you navigate to previously viewed content.

Screen 6

7_C_7

Knowledge Check

Once you have reviewed the content of this course, you will be required to complete a 10-question Knowledge Check.

You must score 80 percent to certify completion of this course.

Screen 7

8_C_8

HIPAA is a US regulation and applies to all US patients.

It requires Abbott entities that provide healthcare services to protect the privacy and security of PHI and provide individuals with certain rights regarding their health information. HIPAA states that health data:

“Can only be used for health-related purposes unless people give permission to share it otherwise.”

Screen 8

9_C_9

PHI is information relating to an individual’s physical or mental health conditions, treatments, and payments that can identify an individual.

It is information that, individually or when put together, makes it possible to link a health record to a specific individual.

Screen 9

10_C_10

HIPAA applies to all PHI, regardless of how it’s communicated - whether it’s shared verbally, in writing, or through electronic methods.

It is everyone’s job to protect this information!

Screen 10

11_C_11

Examples of PHI include anything that would identify a person, such as a person’s name, their SSN, or their passport ID number, plus any of the following:

  • Illness diagnosis, prognosis, or treatment;
  • Health care billings or payments;
  • Treatment dates and location.

CLICK LEARN MORE FOR AN EXPANDED LIST OF HIPAA IDENTIFIERS.

Screen 10

12_C_11

Learn More

HIPAA Identifiers include:

  • Names
  • Phone and fax numbers
  • Email addresses
  • Vehicle identifiers, including VIN and license plate numbers
  • Device Model and Serial Number
  • Postal Address
  • Account numbers
  • Medical Record/prescription numbers or Health Plan numbers
  • Certificate/license numbers
  • Full images of a person, including photographs of a full face
  • Social Security Numbers
  • URLs and IP addresses
  • Identifying dates, including Date of Birth, Date of Death, Treatment Dates
  • Biometric identifiers, including finger and voice prints
  • Any other unique identifying number, characteristic, or code

Screen 11

13_C_12

Your ability to protect PHI depends on your ability to recognize PHI.

CLICK EACH OF THE PANELS TO VIEW EXAMPLES OF DOCUMENTS AND SITUATIONS WHICH MAY CONTAIN PHI.

Screen 11

14_C_12

Written Health Information

Any information that relates to an individual’s health care or payment, including the following:

  • A patient ID card.
  • An employee benefits registration form.
  • An order or billing invoice containing patient information.
  • Medical equipment or supply orders, shipments, and packing lists (e.g., INR and diabetes meters, INR and VAD supplies).

Screen 11

15_C_12

Electronic Health Information

Any information that relates to an individual’s health care or payment, including the following:

  • A health care plan’s claims data in electronic form.
  • Any patient information stored electronically in Abbott’s systems or databases.
  • An email or fax containing patient information. These must be encrypted or otherwise secured.

Screen 11

16_C_12

Spoken Health Information

Any information that relates to an individual’s health care or payment, including:

  • A conversation between an Abbott employee and a customer about the patient’s insurance coverage.
  • A discussion with a patient or their health care provider about the patient’s treatment.

Always be mindful of your surroundings when discussing PHI!

Screen 12

17_C_13

Now that you know what PHI is and why it’s important, take a moment to review some different documents and assess whether HIPAA would apply.

Simply click on PHI or Not PHI to move the information into its correct folder.

Screen 12

18_C_13

Patient Contact Information.

PHI

That’s correct! This example contains PHI.

Not PHI

Screen 12

19_C_13

A patient ID card.

PHI

That’s correct! This example contains PHI.

Not PHI

Screen 12

20_C_13

An Annual Report.

PHI

That’s correct! This example does not contain PHI.

Not PHI

Screen 12

21_C_13

Notice of privacy practices.

PHI

That’s correct! This example does not contain PHI.

Not PHI

Screen 12

22_C_13

A Product Brochure.

PHI

That’s correct! This example does not contain PHI.

Not PHI

Screen 12

23_C_13

An insurance registration form.

PHI

That’s correct! This example contains PHI.

Not PHI

Screen 12

24_C_13

Click forward to continue.

Screen 13

25_C_14

All Abbott personnel in the United States (including US territories) who handle PHI must comply with the HIPAA regulations. Keep in mind, it only applies to US patients.

Consider some of our products and services that might contain PHI: Freestyle Libre, HeartMate LVAD, our Toxicology testing services, and all the Alinity products, just to name a few.

Screen 14

26_C_15

In addition, anyone who has access to or handles PHI on behalf of Abbott, such as external service providers or vendors, is also required to comply with HIPAA. Covered Entities, Business Associates, and Subcontractor Business Associates are required to have agreements in place which ensure PHI is adequately protected.

CLICK EACH OF THE PANELS TO LEARN MORE.

Screen 14

27_C_15

Covered Entities

Covered Entities include health plans, health care clearinghouses, and health care providers. Many of Abbott’s US-based customers are Covered Entities.

Examples of Covered Entities at Abbott include:

  • Acelis Connected Health,
  • Redwood Toxicology, and
  • Alere Toxicology.

Screen 14

28_C_15

Business Associates

A Business Associate is an individual or entity who creates, receives, maintains, or transmits PHI on behalf of a Covered Entity. A Business Associate’s functions may include remote monitoring, billing, accounting, legal, or IT services.

Examples of Business Associate entities at Abbott include:

  • eScreen,
  • Informatics, and
  • Navica.

Shred-it is also a Business Associate when it removes our printed documents containing PHI.

Screen 15

29_C_16

HIPAA provides specific rights to patients.

For example, individuals or their authorized representatives can request:

  • Access to their information,
  • Updates to their information, and
  • Who their information has been disclosed to.

Let's take a closer look at the rights HIPAA provides.

Screen 16

30_C_17

Patients have the following rights:

  • To request a copy of their information,
  • To request confidential communications,
  • To request a disclosure of information to another person,
  • To make a complaint,
  • To request an accounting of disclosures, and
  • To request an amendment of their information.

Screen 17

31_C_18

Right to Notice

Our Privacy Policy clearly explains what information may be collected; how the information may be used, disclosed, or maintained; and what privacy rights the individual has regarding their information.

The Policy applies to our customers, employees, and the general public, and can be accessed any time by visiting Abbott’s public website.

Screen 18

32_C_19

How does this impact our business?

While all states are required to follow HIPAA, many have expanded on the regulation by creating their own medical privacy and information protection laws, producing additional requirements that Abbott and companies across the United States must follow when handling their residents’ health information.

Screen 19

33_C_20

Because Abbott’s operations extend to all 50 states, we must comply with the applicable state laws.

CLICK EACH OF THE PANELS TO LEARN HOW INFORMATION PROTECTION AND MEDICAL PRIVACY LAWS VARY BY STATE.

Screen 19

34_C_20

Organizational Policies & Procedures

State laws may vary in the organizational policies and procedures required by a company to help ensure the privacy and protection of information.

Screen 19

35_C_20

Privacy & Security Breach Definitions

State laws may vary in how a privacy or security breach is defined and what is considered a breach.

Screen 19

36_C_20

Breach Reporting Requirements

Breach reporting requirements vary by state and often include who, what, when, and how a breach must be reported.

Screen 19

37_C_20

PHI Definitions

State laws may vary in how Personal Information and/or Health Information is defined and what types of information are included under these definitions.

Screen 20

38_C_21

You receive a document containing an individual’s name, address, e-mail address, device implant date, and implanted device model and serial number.

Which of the information is considered PHI?

Device implant date.

Model and serial number of implanted device.

All of the information is PHI.

None of the information is PHI.

Name, address, and e-mail address.

Submit

Screen 20

39_C_21

An individual’s name, address, e-mail address, device implant date, and the model and serial number of an implanted device are all considered PHI.

Click the forward arrow to continue.

Screen 21

40_C_22

What’s your responsibility in protecting PHI?

Check all that apply and click the Submit button below.

To know and follow our organization’s HIPAA policies for safeguarding PHI.

To know what PHI is and report all violations to Global Privacy.

None. I don’t ever work with PHI.

Submit

Screen 21

41_C_22

All Abbott personnel have a responsibility to protect PHI. This includes following Abbott policies and practices that are designed to help safeguard an individual’s personal information.

Click the forward arrow to continue.

Screen 22

42_C_23

Most states have created their own medical privacy laws. Does this mean they are exempt from complying with HIPAA?

Yes.

No.

Submit

Screen 22

43_C_23

HIPAA applies to all states. However, the general standard is that if a state’s law is more protective of an individual’s PHI, companies are required to adhere to both HIPAA and the state’s additional requirements.

Click the forward arrow to continue.

Screen 23

44_C_24

You have completed the Introduction to HIPAA section of this course. Before you proceed, here are a few key points to remember.

  • HIPAA requires that we protect all PHI that we use, disclose, or maintain.
  • PHI is information relating to an individual’s physical or mental health conditions, treatments, and payments that can identify an individual.
  • HIPAA regulations apply to all PHI, regardless of the form or format.
  • Abbott’s Privacy Policy describes how Abbott will use, disclose, and protect the privacy of health information, and the privacy rights of individuals, in accordance with HIPAA.
  • Everyone at Abbott is responsible for ensuring the PHI we use, disclose, or maintain is protected.
  • Because Abbott’s operations extend to all 50 states, we are required to comply with the applicable laws in each state.

Screen 24

45_C_25

Regardless of your role, it’s important to understand that we are only able to use PHI for the purposes for which it was collected and are allowed to disclose (share) PHI only under specific circumstances.

Screen 25

46_C_26

When authorization is required

Except when disclosures are made between a covered entity and a business associate (and other HIPAA-defined instances), Abbott must obtain a patient’s authorization before disclosing their PHI.

Disclosures requiring authorization may include:

  • Posting a patient’s story on social media, such as Facebook or Twitter.
  • Discussing a specific patient’s condition with someone not authorized by the individual.

Keep in mind: We need to be sure that the patient authorizes the specific use or disclosure prior to their PHI being used. Contact Global Privacy with any questions around this topic.

Screen 26

47_C_27

Another important part of HIPAA’s use and disclosure requirements is what’s referred to as the “minimum necessary” standard.

When we use or disclose PHI, the minimum necessary standard requires that we make a reasonable effort to use, disclose, or request only the minimum amount of PHI necessary to accomplish the intended purpose.

Screen 27

48_C_28

To what extent can you use, access, and disclose PHI?

The minimum degree necessary required for payment and healthcare operations.

Between 2 different Abbott entities.

Generally, if you can access PHI, you can use it.

All of the above.

Submit

Screen 27

49_C_28

The minimum necessary standard requires that PHI accessed, used, or disclosed is limited to the minimum amount necessary for the intended purpose, except for treatment.

Click the forward arrow to continue.

Screen 28

50_C_29

When you comply with HIPAA, what are you ensuring?

Check all that apply and click the Submit button below.

Abbott will verify the identity of an authorized recipient before disclosing PHI.

Individuals have legal rights regarding who can access their PHI.

Abbott has the final say in who can access our patients’ and customers’ PHI.

Submit

Screen 28

51_C_29

When you comply with HIPAA, you support an individual’s right to determine who can access their PHI and ensure that PHI is only provided to authorized recipients.

Click the forward arrow to continue.

Screen 29

52_C_30

You have completed the Using and Disclosing PHI section of this course. Before you proceed, here are a few key points to remember.

  • We are only able to use and disclose PHI under a very specific set of circumstances.
  • Prior to disclosing any PHI, it’s important that you verify the identity and authority of the person making the request.
  • We must apply the minimum necessary standard when using and disclosing PHI, unless the use or disclosure is needed to support an individual’s treatment.

Screen 30

53_C_31

Just as there are rules for how we can use and disclose PHI, there are rules for how to secure (or protect) PHI.

Screen 31

54_C_32

The HIPAA Security Rule defines three categories of safeguards to protect our electronic PHI (“ePHI”). Within these categories, HIPAA defines standards and implementation specifications to ensure policies, procedures, and controls exist to protect the ePHI.

CLICK EACH OF THE PANELS TO LEARN HOW EACH SAFEGUARD APPLIES.

Screen 31

55_C_32

Physical Safeguards

Physical safeguards refer to the steps we take to prevent unauthorized access to our facilities, equipment, and resources that contain PHI.

Some examples include site security, the use of badges, visitor access rules, and restricted access to sensitive areas like server rooms.

Screen 31

56_C_32

Technical Safeguards

Technical safeguards include using strong authentication controls (i.e., passwords) and encrypting emails containing ePHI.

Screen 31

57_C_32

Administrative Safeguards

Administrative safeguards describe the policies and procedures required to maintain the confidentiality, integrity, and availability of PHI. This training is an example of an administrative safeguard.

Other examples are procedures for giving and terminating access to systems containing ePHI, and contingency planning to ensure we can continue business and recover our PHI in an emergency, or after a disaster or other unforeseen event.

Screen 32

58_C_33

Refer to our Privacy and Information Security policies on Abbott World to learn more about the physical, technical, and administrative safeguards at Abbott.

Screen 33

59_C_34

While we recognize the importance of safeguarding PHI from unauthorized sources outside of our organization, it is inside our organization where we have the greatest impact.

Screen 34

60_C_35

You protect our PHI by following our policies and controls and by understanding some of the common ways PHI might be inappropriately used or disclosed.

CLICK EACH OF THE PANELS TO LEARN ABOUT THE RISKS ASSOCIATED WITH SPECIFIC ACTIVITIES AND HOW THEY CAN LEAD TO HIPAA PRIVACY VIOLATIONS.

Screen 34

61_C_35

Not logging off your computer

You’ve probably noticed a coworker who, at some point, has left their computer unlocked and unattended.

Not signing off a computer leaves the computer vulnerable to unauthorized access. Remember to log off or lock your computer before leaving your workstation.

Store any hard-copy PHI in a secure desk or file cabinet.

Screen 34

62_C_35

Sending unencrypted emails

Sending PHI to an outside party in an unencrypted email may allow hackers to intercept and access, delete, or change the data.

For this reason, before you send an email that contains PHI, encrypt the data by typing “[Secure]” (including the square brackets) in the subject line.

Screen 34

63_C_35

Sending a fax to a wrong number

Faxing a document containing PHI to a wrong number can send the PHI to an unauthorized recipient. This can potentially result in losing our customers’ trust and damage to Abbott’s reputation. Protect our PHI as if it were your own.

Screen 34

64_C_35

Using unencrypted storage devices

Information is at risk of falling into the wrong hands if a storage device is lost. Though convenient, small electronic storage devices, such as USBs, can be readily accessed by individuals with very limited technical know-how. It is important that USBs and other portable storage devices are encrypted.

Screen 35

65_C_36

Abbott has a legal responsibility to investigate all privacy and security incidents related to PHI and to notify affected individuals as soon as possible.

If there is a misuse of PHI, such as disclosing information to an unauthorized individual, sending an unencrypted email with patient data, or improperly disposing of such sensitive information, report the incident as soon as possible.

If you have any concerns about a potential violation or questions regarding the reporting process, contact OEC or a member of the Global Privacy team.

Screen 36

66_C_37

As you scan your badge to enter an Abbott facility, a coworker approaches you and asks you to hold the door. Should you let the coworker follow you in?

Yes, as long as you’re sure they work at Abbott.

Yes, as long as they say they are authorized to work in that area.

Yes, as long as they have an employee badge.

No, all employees need to scan their badges to enter an Abbott facility.

Submit

Screen 36

67_C_37

Regardless of the individual, or their level of authority, Abbott requires all employees to use their badge when entering an Abbott facility.

Click the forward arrow to continue.

Screen 37

68_C_38

You receive a call regarding a privacy concern. What should you do?

Try to resolve the situation.

Direct the concern to a member of the Global Privacy Team.

Determine if it’s a valid concern and then report it to the appropriate department.

Nothing. Privacy concerns are a normal part of our business.

Submit

Screen 37

69_C_38

If a privacy concern is received, you should direct the concern to OEC or a member of the Global Privacy team as soon as possible.

Click the forward arrow to continue.

Screen 38

70_C_39

Which of the following are examples of a HIPAA incident?

Check all that apply and click the Submit button below.

Providing a Health Care Provider with patient information for treatment purposes.

Sending a fax with PHI to an incorrect fax number.

Discussing patient information with a friend at lunch.

Sending PHI via encrypted email to an authorized recipient.

Submit

Screen 38

71_C_39

Information may be securely disclosed to Health Care Providers providing treatment and to authorized recipients. It’s not okay to discuss Protected Health Information with an unauthorized recipient.

Click the forward arrow to continue.

Screen 39

72_C_40

You have completed the Securing PHI and Incident Reporting section of this course. Before you proceed, here are a few key points to remember.

  • By following Abbott’s HIPAA compliant policies and procedures, you help Abbott comply with HIPAA’s Privacy and Security Rules.
  • An unauthorized acquisition, access, use, or disclosure of PHI may be a violation of HIPAA.
  • To comply with HIPAA, Abbott has a responsibility to investigate all privacy and security incidents related to PHI.
  • Any possible privacy incident should be communicated to OEC or a member of the Global Privacy team as soon as possible.

Screen 40

73_C_41

If you have questions about how HIPAA impacts your business or your role, or would like to learn more about best practices, please reference the following list for Privacy contacts specific to your business.

Cardiovascular

Diabetes Care

Established Pharmaceuticals

Neuromodulation

Nutrition

Rapid Diagnostics

Corporate

Anyone at Abbott with HIPAA or Privacy questions can contact Privacy@Abbott.com.

Additional information can be found on the Global Privacy page.

Screen 41

74_C_42

Course Transcript

Click here for a full transcript of the course.

Screen 42

Activity: Introduction

75_C_43

The Knowledge Check consists of 10 questions. You must score 80% or higher to successfully complete this course.

When you are ready, click the Knowledge Check button to begin.

Screen 43

Question 1: Scenario

76_C_44

Which of the following are examples of a HIPAA privacy incident?

Check all that apply.

Screen 43

Question 1: Options

77_C_44

[1] Providing a Health Care Provider with patient information for treatment purposes.

[2] Documenting patient results on the wrong patient record.

[3] Discussing patient information with a friend.

[4] Sending PHI via encrypted email to an authorized recipient.

Screen 43

Question 1: Feedback

78_C_44

Information may be securely disclosed to Health Care Providers providing treatment and to authorized recipients. It’s not okay to discuss Protected Health Information with an unauthorized recipient. Always verify the recipient of PHI before disclosing any information or patient ID cards.

For more information about the correct answer, see Section 2.2, What is Protected Health Information?

Screen 43

Question 2: Scenario

79_C_44

To what extent can you use, access, and disclose PHI?

Screen 43

Question 2: Options

80_C_44

[1] The minimum degree necessary required for payment and healthcare operations.

[2] For research and marketing without the necessary approvals.

[3] Generally, if you can access PHI, you can use it.

[4] All of the above.

Screen 43

Question 2: Feedback

81_C_44

The minimum necessary standard requires that PHI accessed, used, or disclosed is limited to the minimum amount necessary for the intended purpose, except for treatment.

For more information about the correct answer, see Section 3.2 Minimum Necessary Standard.

Screen 43

Question 3: Scenario

82_C_44

You receive a document containing an individual’s name, address, and medical history. Which of the information is considered PHI?

Screen 43

Question 3: Options

83_C_44

[1] Individual’s name.

[2] Individual’s address.

[3] Individual’s medical history.

[4] All of the information is PHI.

[5] None of the information is PHI.

Screen 43

Question 3: Feedback

84_C_44

An individual’s name, address, and medical history are all considered PHI.

For more information about the correct answer, see Section 2.2, What is Protected Health Information?

Screen 43

Question 4: Scenario

85_C_44

You receive a call regarding a privacy concern. What should you do?

Screen 43

Question 4: Options

86_C_44

[1] Try to resolve the situation.

[2] Direct the concern to your local Privacy Steward or the Privacy Office.

[3] Determine if it’s a valid concern and then report it to the appropriate department.

[4] Nothing. Privacy concerns are a normal part of our business.

Screen 43

Question 4: Feedback

87_C_44

If a privacy concern is received, you should direct the concern to your local Privacy Steward or Abbott’s Privacy Office as soon as possible.

For more information about the correct answer, see Section 4.3, Reporting Your Concerns.

Screen 43

Question 5: Scenario

88_C_44

What’s your responsibility in protecting PHI?

Check all that apply.

Screen 43

Question 5: Options

89_C_44

[1] To know and follow our organization’s HIPAA security and privacy policies for safeguarding PHI.

[2] To know what PHI is and report all known or suspected misuse of PHI to the Privacy Office.

[3] None. I don’t ever work with PHI.

Screen 43

Question 5: Feedback

90_C_44

All Abbott personnel have a responsibility to protect PHI. Understanding and following Abbott’s HIPAA privacy and security policies help to safeguard an individual’s personal information.

For more information about the correct answer, see Section 2.3, Understanding Your Responsibilities.

Screen 43

Question 6: Scenario

91_C_44

When you comply with HIPAA, you support an individual’s right to determine who can access their PHI and ensure that PHI is only provided to authorized recipients.

Check all that apply.

Screen 43

Question 6: Options

92_C_44

[1] Abbott will verify the identity of an authorized recipient before disclosing PHI.

[2] Individuals have legal rights regarding who can access their PHI.

[3] Abbott has the final say in who can access our patients’ and customers’ PHI.

Screen 43

Question 6: Feedback

93_C_44

When you comply with HIPAA, you support an individual’s right to determine who can access their PHI and ensure that PHI is only provided to authorized recipients.

For more information about the correct answer, see Section 2.4, Individuals have Rights.

Screen 43

Question 7: Scenario

94_C_44

Under HIPAA rules, an individual has the right to request which of the following:

Screen 43

Question 7: Options

95_C_44

[1] To request a copy of their health record.

[2] To request we make a correction to their health record.

[3] To request confidential communications between us and the individual.

[4] All of the above.

Screen 43

Question 7: Feedback

96_C_44

An individual has the right to request a copy of their health record, corrections to their health record, and confidential communications between us and the individual.

For more information about the correct answer, see Section 2.4, Individuals have Rights.

Screen 43

Question 8: Scenario

97_C_44

You are only responsible for securing electronic forms of PHI.

Screen 43

Question 8: Options

98_C_44

[1] True. Having conversations about PHI is just part of our business and requires no security controls.

[2] False. Reasonable safeguards need to be taken to secure all PHI, regardless of form.

Screen 43

Question 8: Feedback

99_C_44

All forms of PHI require that you follow Abbott’s practices for safeguarding PHI.

For more information about the correct answer, see Section 4.1, Securing PHI.

Screen 43

Question 9: Scenario

100_C_44

As you scan your badge to enter a restricted area, a coworker approaches you and asks you to hold the door. Should you let them follow you in?

Screen 43

Question 9: Options

101_C_44

[1] Yes, as long as you’re sure she works at Abbott.

[2] Yes, as long as she says she’s authorized to work in that area.

[3] Yes, as long as she has an employee badge.

[4] No, all employees need to scan their badges to enter a restricted area.

Screen 43

Question 9: Feedback

102_C_44

Regardless of the individual, or their level of authority, Abbott requires all employees to use their badge when entering a restricted area.

For more information about the correct answer, see Section 4.2, Potential Violations & Consequences.

Screen 43

Question 10: Scenario

103_C_44

Most states have created their own medical privacy laws. Does this mean they are exempt from complying with HIPAA?

Check all that apply.

Screen 43

Question 10: Options

104_C_44

[1] Yes. HIPAA only applies if a state does not have privacy laws aimed at protecting PHI.

[2] No. HIPAA applies to all states, regardless of whether they have medical privacy laws that are separate from HIPAA.

Screen 43

Question 10: Feedback

105_C_44

HIPAA applies to all states. However, the general standard is that if a state’s law is more protective of an individual’s PHI, companies are required to adhere to both HIPAA and the state’s additional requirements.

For more information about the correct answer, see Section 2.5, State-Specific Privacy Laws.

Screen 43

106_C_44

All questions remain unanswered

Screen 44

Activity: Overall Feedback

107_C_45

No results are available, as you have not completed the Knowledge Check.

Congratulations! You have successfully passed the Knowledge Check and completed the course.

Please review your results below by clicking on each question.

Once you are done, you must click the EXIT [X] icon in the course title bar before closing your browser window or browser tab.

Sorry, you did not pass the Knowledge Check. Take a few minutes to review your results below by clicking on each question.

When you are done, click the Retake Knowledge Check button.

108_toc_1

Introduction

109_toc_2

Welcome

110_toc_3

Objectives

111_toc_4

Tutorial

112_toc_5

An Introduction to HIPAA

113_toc_6

What is HIPAA?

114_toc_7

What is Protected Health Information?

115_toc_8

Understanding Your Responsibilities

116_toc_9

Individuals Have Rights

117_toc_10

State-Specific Privacy Laws

118_toc_11

Quick Check

119_toc_12

An Introduction to HIPAA: Quick Reference

120_toc_13

Using and Disclosing PHI

121_toc_14

Types of Disclosures

122_toc_15

Minimum Necessary Standard

123_toc_16

Quick Check

124_toc_17

Using and Disclosing PHI: Quick Reference

125_toc_18

Securing PHI & Incident Reporting

126_toc_19

Securing PHI

127_toc_20

Potential Violations & Consequences

128_toc_21

Reporting Your Concerns

129_toc_22

Quick Check

130_toc_23

Securing PHI & Incident Reporting: Quick Reference

131_toc_24

Resources

132_toc_25

Where to get help

133_toc_26

Reference Material

134_toc_27

Knowledge Check

135_toc_28

Introduction

136_toc_29

Knowledge Check

137_toc_30

Question 1

138_toc_31

Question 2

139_toc_32

Question 3

140_toc_33

Question 4

141_toc_34

Question 5

142_toc_35

Question 6

143_toc_36

Question 7

144_toc_37

Question 8

145_toc_38

Question 9

146_toc_39

Question 10

147_toc_40

Feedback

160_string_13

Course Description: This course provides an overview of the Health Insurance Portability and Accountability Act (or HIPAA). Any organization that uses, discloses, or maintains protected health data (PHI) must comply with the rules of HIPAA. As a company that handles PHI, Abbott needs to comply with HIPAA, and we're relying on you to help us do that. Throughout this course, you’ll learn about HIPAA and best practices for protecting PHI.
