How do you handle remote HIPAA training?
HIM Connection, October 6, 2009
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
Q. Is HIPAA training via WebEx or a similar Internet format adequate for work force members who work remotely, such as sales and account representatives? What type of documentation is necessary for training completed entirely in this manner? How should we document that a work force member attended a training session? Is in-person HIPAA training preferable. If so, why?
A. Remote HIPAA training using Internet-based, computer-based, or Internet meeting services (e.g., WebEx or GoToMeeting) is an acceptable form of work force training. Reasonably ensuring that any Internet-based learning tools include an audit log to document the beginning and end of training sessions and whether a work force member completed the training is important.
Internet-based meeting services will generally provide a log that documents when a participant logs into and out of the training session. Both can be used to document that the work force member attended and completed the training.
Requiring work force members to complete a test related to the material covered during training is advisable. Some online HIPAA training tools include this feature. Develop a test and require completion by participants who undergo training via the Internet to document knowledge retention and attendance.
In-person training works well for centrally located work force members, but it is not necessarily the preferred form of training. It does offer work force members an opportunity to interact with the instructor and ask questions pertaining to their job. However, neither the HIPAA privacy nor security rule indicates a preferred training method.
Important considerations include:
- Did the work force member attend a training session?
- Did the work force member understand the information presented?
- Does the covered entity or business associate repeat training sessions for all work force members at least once annually, using the method(s) it deems most effective?
Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, OR, answered this question in the October issue of Briefings on HIPAA.
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- HIPAA Q&A: Level of encryption needed for email
- Capturing all necessary codes for IUD insertion and removal can be challenging
- Identify potential Medicaid RAC target areas
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- CHANGES COMING: Key differences in nationwide rollout
- Searched