(Recorded Series) HIPAA for Health Centers

As covered entities, health centers must comply with the same HIPAA Rules that apply to other health care providers including large hospitals and hospital systems; however, health centers often have limited time, personnel and resources to commit to HIPAA compliance. Recent HIPAA settlements demonstrate that the Office for Civil Rights (OCR) expects all covered entities (including health centers) to comply with the HIPAA Rules regardless of their size, location or mission. Non-compliance can result in civil monetary penalties and corrective action plans that last at least two years and include substantial oversight by OCR. 

This workshop series introduces the key compliance requirements for health centers under the HIPAA Privacy, Security and Breach Notification Rules – from the Privacy Rule requirements for disclosing protected health information (PHI) and responding to patient requests, to the Security Rule requirements for conducting security risk analyses and limiting access to electronic PHI to investigating and reporting breaches. Presenters will include the details of recent HIPAA enforcement actions and settlements, updates on changes to the HIPAA Rules, and lots of client stories and time for your questions. Join us for one workshop or all three!

Target Audience

  • HIPAA Privacy Officers
  • HIPAA Security Officers
  • Compliance Officers
  • Health Center Directors
  • Operations staff
  • Medical records staff
  • Administrative and/or office staff

Learning Objectives

Workshop 1: HIPAA Privacy for Health Centers

  • Understand the key HIPAA Privacy compliance requirements for health centers
  • Develop and/or revise your health center’s policies and procedures to comply with the HIPAA Privacy Rule and to incorporate best practices
  • Revise your health center’s Notice of Privacy Practices to reflect how your health center uses and discloses patient information

Workshop 2: HIPAA Security for Health Centers

  • Understand the key HIPAA Security compliance requirements for health centers.
  • Understand the expectations for conducting a security risk analysis and developing activities to mitigate identified security risks
  • Develop and/or revise your health center’s policies and procedures to comply with the HIPAA Security Rule and to incorporate best practices

Workshop 3: Business Associates and Breaches

  • Identify when a business associate agreement is required prior to disclosing patient information
  • Develop and/or revise your health center’s business associate agreement template to incorporate the required elements and provisions favorable to your health center
  • Understand the requirements for reporting breaches to patients, to the Office for Civil Rights and to the media
Course summary
Course opens: 
Course expires: 


A Partner in the firm’s health law practice group, Molly advises health centers on the management of clinical, employment and workforce-related risks, with a particular focus on professional liability, Federal Tort Claims Act, and HIPAA matters. From her experience as both a private attorney and in-house counsel, Molly knows the importance of managing liability and risk issues in mission-driven organizations. [Full Bio]


As Partner and Compliance Counsel with the firm’s health law practice group, Dianne advises health centers on implementing effective compliance programs and on addressing top compliance risk areas. Dianne counsels health centers and other organizations on developing compliance programs that include the OIG’s seven elements, respond to identified compliance risk areas, and reflect the organization’s culture.  Dianne also advises health centers and other organizations on patient privacy and confidentiality, including the HIPAA Privacy Rule and 42 CFR Part 2.  She has experience responding to privacy and security incidents, including determining whether there has been a breach, notifying patients and the government, and creating corrective action plans. [Full Bio]

Certificates of Attendance: We verify attendance upon completion of a webinar (live or recorded version) and will only issue certificates in the name of the account holder enrolled in the course. If you need to document attendance for someone other than the account holder, we provide blank Certificates of Attendance for a supervisor to sign and certify that a different individual viewed the course. 

Group Attendance: Due to the online nature of webinars, we cannot verify participation by more than one person. For groups, we provide an attendance record form and blank Certificates of Attendance to record attendance at a group viewing session and document each individual's participation. We recommend that a supervisor or colleague sign the certificate to certify attendance. 

Read more about maintaining an attendance record in our FAQs.

Please login or register to take this course.
Please login or register to take this course.
Please login or register to take this course.
Please login or register to take this course.


Please login or register to take this course.


Each recorded webinar in this series is available for 90 days after the date of purchase. Once posted to your account, you can view the webinars anytime on-demand during the access period identified in your purchase confirmation. For additional information on viewing and accessing webinars, view our full terms and conditions here.


If you pay by credit card or PayPal, you will be able to access the recorded webinar immediately (unless the live webinar has not yet occurred). If you pay by check, we will grant access to the recording when we receive your check. You will receive a confirmation email once access is granted. Feldesman reserves the right to suspend access to the webinar if payment is not received within 30 days. For more information on payments and registration, please visit our FAQ page.


No refunds will be provided for recorded webinars. Feldesman can transfer a registration to someone else within your organization or, provided you have not already viewed the webinar, transfer the registration to another on-demand program. Where the registration fee for the new webinar is higher, you must also pay the difference between the original course and the new course registration fee at the time of transfer. Administrative fees may also apply. If your organization purchased a webinar under the account of a staff member who no longer works for your organization, please contact us. View our full policy on refunds and cancellations here.

Required Hardware/Software

Google Chrome and Mozilla Firefox are the preferred browsers.