HIPAA for Health Centers
As covered entities, health centers must comply with the same HIPAA Rules that apply to other health care providers including large hospitals and hospital systems; however, health centers often have limited time, personnel and resources to commit to HIPAA compliance. Recent HIPAA settlements demonstrate that the Office for Civil Rights (OCR) expects all covered entities (including health centers) to comply with the HIPAA Rules regardless of their size, location or mission. Non-compliance can result in civil monetary penalties and corrective action plans that last at least two years and include substantial oversight by OCR.
This workshop series introduces the key compliance requirements for health centers under the HIPAA Privacy, Security and Breach Notification Rules – from the Privacy Rule requirements for providing patients with access to their protected health information (PHI), to the Security Rule requirements for conducting security risk analyses and limiting access to electronic PHI to the Breach Notification Rule requirements to investigate and report breaches. Presenters will include the details of recent HIPAA enforcement actions and settlements, updates on changes to the HIPAA Rules, and lots of client stories and time for your questions.
HIPAA Privacy for Health Centers
November 2, 2026
HIPAA Security for Health Centers
November 9, 2026
Business Associates and Breaches
November 16, 2026
Each workshops includes:
- Overview of the HIPAA regulations and compliance expectations
- Discussion of relevant enforcement actions and guidance from OCR
- Updates on proposed/pending changes to the HIPAA regulations
- Tips on developing a more robust HIPAA compliance program in your health center
The on-demand version of this webinar will be available for purchase after the conclusion of the live webinar.
Target Audience
- HIPAA Privacy Officers
- HIPAA Security Officers
- Compliance Officers
- Health Center Directors
- Operations staff
- Medical records staff
- Administrative and/or office staff
Learning Objectives
HIPAA Privacy for Health Centers
- Understand the key HIPAA Privacy compliance requirements for health centers
- Develop and/or revise your health center’s policies and procedures to comply with the HIPAA Privacy Rule and to incorporate best practices
- Revise your health center’s Notice of Privacy Practices to reflect how your health center uses and discloses patient information
HIPAA Security for Health Centers
- Understand the key HIPAA Security compliance requirements for health centers.
- Understand the expectations for conducting a security risk analysis and developing activities to mitigate identified security risks
- Develop and/or revise your health center’s policies and procedures to comply with the HIPAA Security Rule and to incorporate best practices
Business Associates and Breaches
- Identify when a business associate agreement is required prior to disclosing patient information
- Develop and/or revise your health center’s business associate agreement template to incorporate the required elements and provisions favorable to your health center
- Understand the requirements for reporting breaches to patients, to the Office for Civil Rights and to the media
Agenda
Title | Date & Time (ET) | Duration |
|---|---|---|
| HIPAA Privacy for Health Centers | 11/02/2026 12:00 p.m. | 4 hours |
| HIPAA Security for Health Centers | 11/09/2026 12:00 p.m. | 4 hours |
| Business Associates and Breaches | 11/16/2026 12:00 p.m. | 4 hours |
Andrea C. Harris
Andrea Harris serves as Counsel with the firm’s Health Care practice group, where she advises clients on complex compliance, contract and business strategy, employment, and FTCA-related matters. As a former General Counsel and Director of Corporate Compliance for a multi-site FQHC, Andrea brings firsthand insight into the regulatory, operational, and governance challenges health centers face. She partners closely with clients to navigate high-stakes issues and develop practical, strategic solutions. [Full Bio]
Natalie S. Lesnick
Natalie S. Lesnick serves as Health Care Compliance Counsel with the firm’s Health Care practice group, where she advises clients on healthcare compliance and privacy matters, including HIPAA, Medicare and Medicaid requirements. Prior to joining the firm, she served as a consultant supporting providers nationwide on compliance program development and evaluation. She is a licensed attorney in Ohio and holds certifications in Health Care Compliance (CHC) and Health Care Privacy Compliance (CHPC). [Full Bio]
Participants can earn up to 12.00 CPE credits in Specialized Knowledge and Applications upon completion of all course requirements.
Attendee Requirements for CPE Credit
If you purchase CPE credit for this webinar you must satisfy the following conditions in order to receive your certificate:
- Answer all of the polling questions during the webinars
- Complete the evaluation survey after the conclusion of the webinar or in the follow-up email
Upon completion of these requirements, we will email you your CPE Certificate within two (2) weeks.
Additional Information
- Prerequisites: None
- Target Audience: HIPAA Privacy Officers, HIPAA Security Officers, Compliance Officers, Health Center Directors, Operations staff, Medical records staff, and Administrative and/or office staff
- Advanced Preparation: None
- Program Level: All
- Delivery Method: Group Internet Based
Feldesman LLP is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website www.nasbaregistry.org (formerly www.learningmarket.org).
Available Credit
- 12.00 Certificate of Attendance
- 12.00 CPE

Facebook
X
LinkedIn
Forward